Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default Domain Policy
Data collected on: 23/04/2025 10:47:15
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/08/2001 10:55:56
Modified11/05/2023 09:42:16
User Revisions16 (AD), 16 (SYSVOL)
Computer Revisions295 (AD), 295 (SYSVOL)
Unique ID{31B2F340-016D-11D2-945F-00C04FB984F9}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
bflNoEnabledbfl.local
RMSYesDisabledbfl.local/Accounts Computer/Desktops/UK/RMS
CVADNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11
CVADNoEnabledbfl.local/Accounts Computer/Ireland/CVAD
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop ENG - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG - W11
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
EU Beazley HSD Desktop ENG - W22NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG - W22
EU Beazley HSD Desktop PRD - W22NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD - W22
CVADNoEnabledbfl.local/Accounts Computer/London/CVAD
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox
CVADNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11
TestNoEnabledbfl.local/Accounts User/Farmington/IT/Test

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Account Policies/Password Policy
PolicySetting
Enforce password history24 passwords remembered
Maximum password age0 days
Minimum password age1 days
Minimum password length8 characters
Password must meet complexity requirementsEnabled
Store passwords using reversible encryptionDisabled
Account Policies/Account Lockout Policy
PolicySetting
Account lockout duration30 minutes
Account lockout threshold3 invalid logon attempts
Reset account lockout counter after30 minutes
Account Policies/Kerberos Policy
PolicySetting
Enforce user logon restrictionsEnabled
Maximum lifetime for service ticket600 minutes
Maximum lifetime for user ticket10 hours
Maximum lifetime for user ticket renewal7 days
Maximum tolerance for computer clock synchronization5 minutes
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit logon eventsSuccess, Failure
Local Policies/User Rights Assignment
PolicySetting
Deny log on locallyBFL\sec.deny.interactive.logon
Deny log on through Terminal ServicesBFL\sec.deny.interactive.logon
Local Policies/Security Options
Interactive Logon
PolicySetting
Interactive logon: Prompt user to change password before expiration14 days
Network Security
PolicySetting
Network security: Force logoff when logon hours expireDisabled
Recovery Console
PolicySetting
Recovery console: Allow automatic administrative logonEnabled
Recovery console: Allow floppy copy and access to all drives and all foldersEnabled
Other
PolicySetting
Network security: Restrict NTLM: Audit Incoming NTLM TrafficEnable auditing for all accounts
Network security: Restrict NTLM: Outgoing NTLM traffic to remote serversAllow all
Event Log
PolicySetting
Maximum application log size65536 kilobytes
Maximum security log size65536 kilobytes
Maximum system log size65536 kilobytes
Retention method for application logAs needed
Retention method for security logAs needed
Retention method for system logAs needed
Public Key Policies/Encrypting File System
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
admin_rsadmin_rs29/01/2111 13:48:26File Recovery

For additional information about individual settings, launch the Local Group Policy Object Editor.
Public Key Policies/Automatic Certificate Request Settings
Automatic Certificate Request
Computer

For additional information about individual settings, launch the Local Group Policy Object Editor.
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
admin_rsadmin_rs29/01/2111 13:48:26File Recovery

For additional information about individual settings, launch the Local Group Policy Object Editor.
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.10
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Private Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Public Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Inbound Rules
NameDescription
Windows Remote Management (HTTP-In)Inbound rule for Windows Remote Management via WS-Management. [TCP 5985]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port5985
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupWindows Remote Management (Compatibility)
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/DNS Client
PolicySettingComment
DNS suffix search listEnabled
DNS Suffixes:bfl.local,beazleydev.local
Network/Network Connections/Windows Firewall/Domain Profile
PolicySettingComment
Windows Firewall: Protect all network connectionsDisabled
System/Kerberos
PolicySettingComment
Set maximum Kerberos SSPI context token buffer sizeEnabled
Maximum size48000
User Configuration (Enabled)
Policies
Windows Settings
Remote Installation Services
Client Installation Wizard options
PolicySetting
Custom SetupDisabled
Restart SetupDisabled
ToolsDisabled
Default Domain Controllers Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default Domain Controllers Policy
Data collected on: 23/04/2025 10:47:15
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/08/2001 10:55:56
Modified25/03/2025 23:58:10
User Revisions13 (AD), 13 (SYSVOL)
Computer Revisions375 (AD), 375 (SYSVOL)
Unique ID{6AC1786C-016F-11D2-945F-00C04fB984F9}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Domain ControllersNoEnabledbfl.local/Domain Controllers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Account Policies/Password Policy
PolicySetting
Minimum password length5 characters
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit directory service accessSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess, Failure
Audit privilege useFailure
Audit process trackingNo auditing
Audit system eventsSuccess, Failure
Local Policies/User Rights Assignment
PolicySetting
Access this computer from the networkBFL\IWAM_FARPRDDC01-NEW, BFL\IWAM_SHLDRDC02, BFL\IUSR_SHLDRVM01, BFL\IUSR_HKGLIVDC01, BFL\IWAM_PRSLIVDC01, BFL\IWAM_SNGLIVDC01, BFL\IUSR_FARPRDDC01, BFL\IWAM_PADCFL01, BUILTIN\Pre-Windows 2000 Compatible Access, BFL\IUSR_TEMP-DC, BFL\IWAM_BEAZLEYEXSERVER, BFL\IWAM_BEAZLEY-JY, BFL\IWAM_W2KSQL, Everyone, S-1-5-21-104138108-1481389527-1543859470-1012, S-1-5-21-104138108-1481389527-1543859470-500, S-1-5-21-58594938-1633628789-801526373-1108, BFL\mqadmin, BFL\IWAM_BFL_NTSVR3, BFL\Domain Users, BUILTIN\Administrators, NT AUTHORITY\Authenticated Users, BUILTIN\Backup Operators, BFL\IUSR_W2KSQL, BFL\IUSR_BEAZLEY-JY, BFL\IUSR_BEAZLEYEXSERVER, BFL\IWAM_TEMP-DC, NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS, BFL\IWAM_FARPRDDC01, BFL\IUSR_PADCFL01, BFL\IUSR_SNGLIVDC01, BFL\IWAM_HKGLIVDC01, BFL\IUSR_PRSLIVDC01, BFL\IWAM_SHLDRVM01, BFL\IUSR_SHLDRDC02, BFL\IUSR_FARPRDDC01-NEW, BFL\IWAM_UKDRDC001, BFL\IUSR_UKDRDC001
Act as part of the operating systemBFL\servexch, S-1-5-21-58594938-1633628789-801526373-1108, BUILTIN\Backup Operators, BFL\$admin
Add workstations to domainBFL\GHOST_ITDHA004, BFL\GHOST_COMPAQ14, BFL\Domain Admins, NT AUTHORITY\Authenticated Users
Adjust memory quotas for a processBFL\IWAM_UKDRDC001, BFL\IWAM_FARPRDDC01-NEW, BFL\IWAM_SHLDRDC02, BFL\IWAM_SNGLIVDC01, NT AUTHORITY\LOCAL SERVICE, BFL\$admin, BUILTIN\Administrators, NT AUTHORITY\NETWORK SERVICE, BFL\IWAM_TEMP-DC, BFL\IWAM_PADCFL01, BFL\IWAM_FARPRDDC01, BFL\IWAM_PRSLIVDC01, BFL\IWAM_HKGLIVDC01, BFL\IWAM_SHLDRVM01, S-1-5-21-58594938-1633628789-801526373-18618
Allow log on locallyBFL\IUSR_UKDRDC001, BUILTIN\Server Operators, BUILTIN\Print Operators, BFL\TsInternetUser, BFL\servexch, BFL\Rol.Sec_Networks, BFL\IWAM_BFL_NTSVR3, BFL\IUSR_W2KSQL, BFL\IUSR_TEMP-DC, BFL\IUSR_SNGLIVDC01, BFL\IUSR_SHLDRVM01, BFL\IUSR_SHLDRDC02, BFL\IUSR_PRSLIVDC01, BFL\IUSR_PADCFL01, BFL\IUSR_PADCA501, BFL\IUSR_HKGLIVDC01, BFL\IUSR_FARPRDDC01-NEW, BFL\IUSR_FARPRDDC01, BFL\IUSR_BFL_NTSVR3, BFL\IUSR_BFL_NTSVR2, BFL\IUSR_BEAZLEY-JY, BFL\IUSR_BEAZLEYEXSERVER, BFL\Domain Users, BFL\$admin, BUILTIN\Backup Operators, BUILTIN\Administrators, BUILTIN\Account Operators, S-1-5-21-58594938-1633628789-801526373-1469, S-1-5-21-58594938-1633628789-801526373-1133, S-1-5-21-58594938-1633628789-801526373-1114, S-1-5-21-58594938-1633628789-801526373-1108, S-1-5-21-58594938-1633628789-801526373-1095, S-1-5-21-58594938-1633628789-801526373-1093, S-1-5-21-58594938-1633628789-801526373-1087, S-1-5-21-58594938-1633628789-801526373-1086, S-1-5-21-58594938-1633628789-801526373-1066, S-1-5-21-58594938-1633628789-801526373-1064, S-1-5-21-58594938-1633628789-801526373-1063, S-1-5-21-58594938-1633628789-801526373-1062, S-1-5-21-58594938-1633628789-801526373-1061, S-1-5-21-58594938-1633628789-801526373-1060, S-1-5-21-58594938-1633628789-801526373-1059
Allow log on through Terminal ServicesS-1-5-21-58594938-1633628789-801526373-65453, S-1-5-21-58594938-1633628789-801526373-62113, BFL\Rol.Sec_Networks, BUILTIN\Administrators, S-1-5-21-58594938-1633628789-801526373-60085, S-1-5-21-58594938-1633628789-801526373-67083
Back up files and directoriesBUILTIN\Administrators, BUILTIN\Server Operators, BUILTIN\Backup Operators
Bypass traverse checkingWindow Manager\Window Manager Group, S-1-5-21-58594938-1633628789-801526373-18618, BUILTIN\Pre-Windows 2000 Compatible Access, Everyone
Change the system timeBUILTIN\Administrators, BUILTIN\Server Operators, NT AUTHORITY\LOCAL SERVICE
Create a pagefileBUILTIN\Administrators
Create a token object
Create global objectsNT AUTHORITY\SERVICE, NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\LOCAL SERVICE, BUILTIN\Administrators
Create permanent shared objects
Debug programsBUILTIN\Administrators, BFL\svc_bzCfgMngmt_prd
Deny access to this computer from the networkBFL\SUPPORT_388945a0
Deny log on as a batch job
Deny log on as a service
Deny log on locallyBFL\SUPPORT_388945a0, BFL\GHOST_COMPAQ14, BFL\GHOST_ITDHA004
Enable computer and user accounts to be trusted for delegationBUILTIN\Administrators
Force shutdown from a remote systemBUILTIN\Administrators, BUILTIN\Server Operators
Generate security auditsS-1-5-80-1321940109-3370001082-3650459431-215109509-2472514016, S-1-5-80-2246541699-21809830-3603976364-117610243-975697593, BFL\$admin, BFL\svc_adfs_prd, NT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE
Increase a process working setNT AUTHORITY\LOCAL SERVICE, BUILTIN\Administrators
Increase scheduling priorityBUILTIN\Administrators
Load and unload device driversBUILTIN\Print Operators, BUILTIN\Administrators
Lock pages in memory
Log on as a batch jobBFL\IUSR_UKDRDC001, BFL\y_shiek2, S-1-5-21-58594938-1633628789-801526373-18618, BFL\IWAM_FARPRDDC01-NEW, BFL\IWAM_SHLDRDC02, BFL\y_coutdd, BFL\IUSR_SHLDRVM01, BFL\IUSR_HKGLIVDC01, BFL\IWAM_HKGLIVDC01, BFL\IWAM_PRSLIVDC01, BFL\caroot, BFL\IWAM_SNGLIVDC01, BFL\admin_dch, BFL\sweepupd, BFL\IUSR_FARPRDDC01, BFL\IWAM_PADCFL01, S-1-5-21-58594938-1633628789-801526373-7225, BFL\IUSR_PADCA501, BFL\lanz, BFL\IIS_WPG, BFL\IUSR_TEMP-DC, S-1-5-21-58594938-1633628789-801526373-3792, S-1-5-21-58594938-1633628789-801526373-1292, S-1-5-21-58594938-1633628789-801526373-1298, BUILTIN\Backup Operators, BFL\$admin, BFL\IUSR_BEAZLEYEXSERVER, BFL\IUSR_BEAZLEY-JY, BFL\IUSR_W2KSQL, BFL\IWAM_BEAZLEYEXSERVER, BFL\IWAM_BEAZLEY-JY, BFL\IWAM_BFL_NTSVR3, BFL\IWAM_W2KSQL, BFL\servexch, S-1-5-21-590642356-1473272683-526660263-1007, BFL\sadmin, BFL\siweh, BFL\IWAM_TEMP-DC, BFL\SUPPORT_388945a0, NT AUTHORITY\LOCAL SERVICE, BFL\IUSR_PADCFL01, BFL\IWAM_FARPRDDC01, BFL\KVSVault, BFL\IUSR_SNGLIVDC01, BFL\IUSR_PRSLIVDC01, BFL\IWAM_SHLDRVM01, BFL\IUSR_SHLDRDC02, BFL\IUSR_FARPRDDC01-NEW, BFL\y_hayad, BFL\y_meeto, BFL\IWAM_UKDRDC001, BUILTIN\IIS_IUSRS, BFL\svc_bzCfgMngmt_prd
Log on as a serviceNT SERVICE\himds, S-1-5-21-58594938-1633628789-801526373-1055, S-1-5-21-58594938-1633628789-801526373-1071, S-1-5-21-58594938-1633628789-801526373-1084, S-1-5-21-58594938-1633628789-801526373-1108, S-1-5-21-58594938-1633628789-801526373-18618, S-1-5-21-58594938-1633628789-801526373-27097, S-1-5-21-58594938-1633628789-801526373-7225, S-1-5-80-1321940109-3370001082-3650459431-215109509-2472514016, S-1-5-80-2246541699-21809830-3603976364-117610243-975697593, BUILTIN\Backup Operators, BFL\$admin, BFL\backup, BFL\caroot, BFL\dbagent, BFL\GHOST_COMPAQ14, BFL\GHOST_ITDHA004, BFL\lanz, BFL\longbot_y, BFL\overseer, BFL\servexch, BFL\servrepl, BFL\srv.AGPM.Prod, BFL\svc_adfs_prd, BFL\SVC_SQL_SCOMACT_PRD, BFL\sweepupd, BFL\websense, NT AUTHORITY\NETWORK SERVICE, NT SERVICE\ALL SERVICES, BFL\svc_bzCfgMngmt_prd
Manage auditing and security logBFL\Exchange Servers, BFL\Exchange Enterprise Servers, BUILTIN\Administrators, BFL\svc_bzCfgMngmt_prd
Modify firmware environment valuesBUILTIN\Administrators
Profile single processBUILTIN\Administrators
Profile system performanceBUILTIN\Administrators
Remove computer from docking stationBUILTIN\Administrators
Replace a process level tokenBFL\Administrator, S-1-5-21-58594938-1633628789-801526373-18618, BFL\IWAM_FARPRDDC01-NEW, BFL\IWAM_SHLDRDC02, BFL\IWAM_SNGLIVDC01, NT AUTHORITY\LOCAL SERVICE, BFL\$admin, NT AUTHORITY\NETWORK SERVICE, BFL\IWAM_TEMP-DC, BFL\IWAM_PADCFL01, BFL\IWAM_FARPRDDC01, BFL\IWAM_PRSLIVDC01, BFL\IWAM_HKGLIVDC01, BFL\IWAM_SHLDRVM01, BFL\IWAM_UKDRDC001, BFL\svc_bzCfgMngmt_prd
Restore files and directoriesBFL\servexch, BUILTIN\Administrators, BUILTIN\Server Operators, BUILTIN\Backup Operators, BFL\$admin
Shut down the systemBUILTIN\Administrators, BUILTIN\Server Operators, BUILTIN\Print Operators, BUILTIN\Backup Operators, BFL\GHOST_COMPAQ14, BFL\GHOST_ITDHA004
Synchronize directory service data
Take ownership of files or other objectsBUILTIN\Administrators
Local Policies/Security Options
Devices
PolicySetting
Devices: Prevent users from installing printer driversEnabled
Interactive Logon
PolicySetting
Interactive logon: Do not display last user nameEnabled
Network Access
PolicySetting
Network access: Remotely accessible registry pathsSystem\CurrentControlSet\Control\ProductOptions, System\CurrentControlSet\Control\Server Applications, Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-pathsSoftware\Microsoft\Windows NT\CurrentVersion\Print, Software\Microsoft\Windows NT\CurrentVersion\Windows, System\CurrentControlSet\Control\Print\Printers, System\CurrentControlSet\Services\Eventlog, Software\Microsoft\OLAP Server, System\CurrentControlSet\Control\ContentIndex, System\CurrentControlSet\Control\Terminal Server, System\CurrentControlSet\Control\Terminal Server\UserConfig, System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration, Software\Microsoft\Windows NT\CurrentVersion\Perflib, System\CurrentControlSet\Services\SysmonLog
Shutdown
PolicySetting
Shutdown: Allow system to be shut down without having to log onEnabled
User Account Control
PolicySetting
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModePrompt for credentials
User Account Control: Run all administrators in Admin Approval ModeEnabled
User Account Control: Switch to the secure desktop when prompting for elevationEnabled
Other
PolicySetting
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsEnabled
Domain controller: Allow vulnerable Netlogon secure channel connections"O:BAG:BAD:(A;;RC;;;S-1-5-21-58594938-1633628789-801526373-118147)"
Network security: Configure encryption types allowed for KerberosEnabled
DES_CBC_CRCEnabled
DES_CBC_MD5Enabled
RC4_HMAC_MD5Enabled
AES128_HMAC_SHA1Enabled
AES256_HMAC_SHA1Enabled
Future encryption typesDisabled
Network security: Restrict NTLM: Audit Incoming NTLM TrafficEnable auditing for all accounts
Network security: Restrict NTLM: Audit NTLM authentication in this domainEnable all
Network security: Restrict NTLM: Outgoing NTLM traffic to remote serversAudit all
Advanced Audit Configuration
Account Logon
PolicySetting
Audit Credential ValidationSuccess, Failure
Audit Kerberos Authentication ServiceSuccess, Failure
Account Management
PolicySetting
Audit Computer Account ManagementSuccess, Failure
Audit Distribution Group ManagementSuccess, Failure
Audit Security Group ManagementSuccess, Failure
Audit User Account ManagementSuccess, Failure
Detailed Tracking
PolicySetting
Audit Process CreationSuccess
Audit Process TerminationSuccess
DS Access
PolicySetting
Audit Directory Service AccessSuccess, Failure
Audit Directory Service ChangesSuccess, Failure
Logon/Logoff
PolicySetting
Audit LogoffSuccess
Audit LogonSuccess, Failure
Audit Network Policy ServerSuccess, Failure
Audit Other Logon/Logoff EventsSuccess
Object Access
PolicySetting
Audit Other Object Access EventsSuccess
Policy Change
PolicySetting
Audit Authentication Policy ChangeSuccess
Audit Authorization Policy ChangeSuccess
System
PolicySetting
Audit Security State ChangeSuccess
Audit Security System ExtensionSuccess, Failure
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for active but idle Remote Desktop Services sessionsEnabled
Idle session limit:15 minutes
PolicySettingComment
Set time limit for disconnected sessionsEnabled
End a disconnected session30 minutes
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
DES 56/56 (Order: 1)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers
Value nameDES 56/56
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
RC4 128/128 (Order: 2)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers
Value nameRC4 128/128
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
RC4 40/128 (Order: 3)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers
Value nameRC4 40/128
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
RC4 56/128 (Order: 4)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers
Value nameRC4 56/128
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
RC4 64/128 (Order: 5)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers
Value nameRC4 64/128
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Triple DES 168 (Order: 6)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers
Value nameTriple DES 168
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
UK Login Scripts
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK Login Scripts
Data collected on: 23/04/2025 10:47:15
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created26/09/2005 14:33:42
Modified15/09/2020 21:54:22
User Revisions110 (AD), 110 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{E2FCA12B-699A-4E82-A469-57AF3F5CC4E2}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
IrelandNoDisabledbfl.local/Accounts User/Ireland
LondonNoDisabledbfl.local/Accounts User/London
Support OperationsNoDisabledbfl.local/Accounts User/London/IT/Support Operations

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\randkCustomNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Scripts
Logon
For this GPO, Script order: Not configured
NameParameters
UpdateExtension.vbs
OfficeUserInfo.vbs
claimsaddin.cmd
SpecialtyLinesClaimsAuditAddIn.cmd
SetNewScreenSaver.vbs
clearformscache.vbs
Start2000.vbs
BeazleyBackgroundFencing.vbs
MapPrinters.vbs
RemoveOldPrinters.vbs
Farmington Login Script
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Farmington Login Script
Data collected on: 23/04/2025 10:47:15
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/11/2006 15:43:54
Modified15/09/2020 21:54:22
User Revisions39 (AD), 39 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{377E5504-6AB8-4F22-90AD-D831DFB0CFEB}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
FarmingtonNoDisabledbfl.local/Accounts User/Farmington
TestNoDisabledbfl.local/Accounts User/Farmington/IT/Test

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Logon
PolicySettingComment
Always wait for the network at computer startup and logonEnabled
User Configuration (Enabled)
Policies
Windows Settings
Scripts
Logon
For this GPO, Script order: Not configured
NameParameters
USStart2000.vbs
BFL Screen Saver Lockdown - Lloyds
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Screen Saver Lockdown - Lloyds
Data collected on: 23/04/2025 10:47:15
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created04/05/2007 15:44:32
Modified15/09/2020 21:54:22
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{14AF6F20-E125-4780-95B6-C4986DA38FAF}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
Reed & MackayNoDisabledbfl.local/Accounts External Users/External Companies/Reed & Mackay
LondonNoDisabledbfl.local/Accounts User/London

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
WMI Filtering
WMI Filter NameLlyods Computers
DescriptionTrue if computer is in the Lloyds AD site
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\EcopyCustomNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Force specific screen saverEnabled
Screen saver executable nameBeazley.scr
PolicySettingComment
Password protect the screen saverEnabled
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:600
Disable Manage Your Server Page
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Disable Manage Your Server Page
Data collected on: 23/04/2025 10:47:16
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created20/08/2007 16:06:44
Modified15/09/2020 21:54:22
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{A6B66A85-A136-432C-9DF9-106D89A6E3E9}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System
PolicySettingComment
Do not display Manage Your Server page at logonEnabled
User Configuration (Disabled)
No settings defined.
BFL Exchange 2007 Servers
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Exchange 2007 Servers
Data collected on: 23/04/2025 10:47:16
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created09/02/2009 12:27:46
Modified15/09/2020 21:54:22
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions36 (AD), 36 (SYSVOL)
Unique ID{2045B5EE-7EC9-4C0C-8A52-E590C4BEFF51}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Exchange 2007NoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Exchange 2007

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit directory service accessSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess, Failure
Audit privilege useSuccess, Failure
Audit process trackingSuccess, Failure
Audit system eventsSuccess, Failure
Local Policies/Security Options
User Account Control
PolicySetting
User Account Control: Run all administrators in Admin Approval ModeDisabled
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Logon
PolicySettingComment
Assign a default domain for logonEnabled
Default Logon domain:bfl
Enter the name of the domain
System/Server Manager
PolicySettingComment
Do not display Initial Configuration Tasks window automatically at logonEnabled
Do not display Server Manager automatically at logonEnabled
User Configuration (Disabled)
No settings defined.
User Unrestricted Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
User Unrestricted Policy 1.0
Data collected on: 23/04/2025 10:47:16
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2009 14:30:44
Modified15/09/2020 21:54:36
User Revisions55 (AD), 55 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{E31D7E64-1558-410B-BB3D-352A93555F2A}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
DevelopersNoEnabledbfl.local/Accounts User/Farmington/IT/Developers
TestNoEnabledbfl.local/Accounts User/Farmington/IT/Test
DevelopersNoDisabledbfl.local/Accounts User/London/IT/Developers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Hide specified Control Panel itemsDisabled
Desktop
PolicySettingComment
Prohibit User from manually redirecting Profile FoldersDisabled
Remove Properties from the Computer icon context menuDisabled
Remove Properties from the Documents icon context menuDisabled
Desktop/Desktop
PolicySettingComment
Disable Active DesktopDisabled
Start Menu and Taskbar
PolicySettingComment
Remove Music icon from Start MenuDisabled
Remove Pictures icon from Start MenuDisabled
System
PolicySettingComment
Do not display the Getting Started welcome screen at logonDisabled
Prevent access to registry editing toolsDisabled
Prevent access to the command promptDisabled
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:CD-ROM and removable media drives
Windows Components/File Explorer
PolicySettingComment
Hide these specified drives in My ComputerDisabled
Prevent access to drives from My ComputerDisabled
Remove Hardware tabDisabled
Request credentials for network installationsDisabled
Windows Components/Internet Explorer
PolicySettingComment
Prevent managing the phishing filterDisabled
Prevent participation in the Customer Experience Improvement ProgramDisabled
Prevent running First Run wizardDisabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins
PolicySettingComment
.Net Framework ConfigurationEnabled
Active Directory Domains and TrustsEnabled
Active Directory Sites and ServicesEnabled
Active Directory Users and ComputersEnabled
ActiveX ControlEnabled
ADSI EditEnabled
Certificate TemplatesEnabled
CertificatesEnabled
Certification AuthorityEnabled
Component ServicesEnabled
Computer ManagementEnabled
Device ManagerEnabled
Disk DefragmenterEnabled
Disk ManagementEnabled
Distributed File SystemEnabled
FrontPage Server ExtensionsEnabled
Internet Authentication Service (IAS)Enabled
Internet Information ServicesEnabled
IP Security MonitorEnabled
Local Users and GroupsEnabled
Remote Desktop Services ConfigurationEnabled
Remote DesktopsEnabled
Removable Storage ManagementEnabled
Routing and Remote AccessEnabled
Security Configuration and AnalysisEnabled
Security TemplatesEnabled
ServicesEnabled
TelephonyEnabled
Wireless MonitorEnabled
WMI ControlEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Extension snap-ins
PolicySettingComment
Device ManagerEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Group Policy
PolicySettingComment
Group Policy ManagementEnabled
Group Policy Object EditorEnabled
Group Policy tab for Active Directory ToolsEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Group Policy/Group Policy snap-in extensions
PolicySettingComment
IP Security Policy ManagementEnabled
Windows Components/Task Scheduler
PolicySettingComment
Prohibit New Task CreationDisabled
Prohibit Task DeletionDisabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker0
Preferences
Windows Settings
Files
File (Target Path: %userprofile%\application data\Microsoft\Templates\Normal.dotm)
Normal.dotm (Order: 1)
General
ActionReplace
Properties
Source file(s)\\bfl.local\netlogon\Normal.dotm
Destination file%userprofile%\application data\Microsoft\Templates\Normal.dotm
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyYes
File (Target Path: %userprofile%\application data\Microsoft\templates\document themes\Default Theme.thmx)
Default Theme.thmx (Order: 2)
General
ActionReplace
Properties
Source file(s)\\bfl.local\netlogon\Default Theme.thmx
Destination file%userprofile%\application data\Microsoft\templates\document themes\Default Theme.thmx
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Folders
Folder (Path: C:\Documents and Settings\%username%\application data\microsoft\Templates/Document Themes)
Templates/Document Themes (Order: 1)
General
ActionUpdate
Attributes
PathC:\Documents and Settings\%username%\application data\microsoft\Templates/Document Themes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
BFL ServiceDesk to ServerLocalAdmins
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL ServiceDesk to ServerLocalAdmins
Data collected on: 23/04/2025 10:47:16
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/04/2009 10:08:04
Modified15/09/2020 21:54:36
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{74F5ADCD-FD86-4B65-9CD7-4370206B8350}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions
LondonNoEnabledbfl.local/Accounts Computer/London
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Singapore/Servers & Exceptions

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
User Configuration (Disabled)
No settings defined.
Computer Unrestricted Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Computer Unrestricted Policy 1.0
Data collected on: 23/04/2025 10:47:16
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created19/05/2009 15:15:04
Modified15/09/2020 21:54:36
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions52 (AD), 52 (SYSVOL)
Unique ID{7D89672E-2152-4F96-9E0B-A4502A9F45EF}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BUILTIN\AdministratorsBFL\Domain Users
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Internet Information Services
PolicySettingComment
Prevent IIS installationDisabled
Preferences
Windows Settings
Registry
Collection: Registry Wizard Values/HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Syncmgr
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry item: KeepProgresslevel
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Syncmgr
Value nameKeepProgresslevel
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyYes
User Configuration (Disabled)
No settings defined.
UK Event Log Access
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK Event Log Access
Data collected on: 23/04/2025 10:47:16
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/09/2009 16:33:52
Modified15/09/2020 21:56:32
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions40 (AD), 40 (SYSVOL)
Unique ID{5463511D-3C94-413C-AA75-9696570F474D}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
DevelopmentNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Development

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-10211
S-1-5-21-58594938-1633628789-801526373-15157
S-1-5-21-58594938-1633628789-801526373-15170
S-1-5-21-58594938-1633628789-801526373-15786
S-1-5-21-58594938-1633628789-801526373-18234
S-1-5-21-58594938-1633628789-801526373-18235
S-1-5-21-58594938-1633628789-801526373-18396
S-1-5-21-58594938-1633628789-801526373-21586
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-10211Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15157Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15170Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15786Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-18234Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-18235Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-18396Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-21586Read (from Security Filtering)No
Computer Configuration (Disabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Registry Values
PolicySetting
MACHINE\System\CurrentControlSet\Services\Eventlog\Application\CustomSD"O:BAG:SYD:(D;; 0xf0007;;;AN)(D;; 0xf0007;;;BG)(A;; 0xf0007;;;SY)(A;; 0x5;;;BA)(A;; 0x7;;;SO)(A;; 0x3;;;IU)(A;; 0x2;;;BA)(A;; 0x2;;;LS)(A;; 0x2;;;NS) (A;; 0x1;;;S-1-5-21-58594938-1633628789-801526373-15635) (A;; 0x1;;;S-1-5-21-58594938-1633628789-801526373-15111) (A;; 0x3;;;S-1-5-21-58594938-1633628789-801526373-19624)"
User Configuration (Enabled)
No settings defined.
Enable Point and Print
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Enable Point and Print
Data collected on: 23/04/2025 10:47:16
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created22/01/2010 17:03:08
Modified15/09/2020 21:56:32
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{4616DA11-8F18-45AE-B7AF-E5FB24E0DE22}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Printers
PolicySettingComment
Point and Print RestrictionsDisabled
XenApp Server Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
XenApp Server Policy
Data collected on: 23/04/2025 10:47:17
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created10/03/2010 15:43:44
Modified15/09/2020 21:56:32
User Revisions10 (AD), 10 (SYSVOL)
Computer Revisions44 (AD), 44 (SYSVOL)
Unique ID{45E75824-36F2-40E8-A447-74F53D470F3A}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVB File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Hash Rules
SCNotification.exe (5.0.7804.1000); SCNotification.exe; SCNotification; System Center Configuration Manager; Microsoft Corporation
Security LevelDisallowed
DescriptionTo prevent SCCM reboot notifications after server patching/updates.
Date last modified25/07/2013 16:34:05
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified25/07/2013 16:30:24
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified25/07/2013 16:30:24
C:\Windows\CCM\SCNotification.exe
Security LevelDisallowed
DescriptionTo prevent SCCM reboot notifications after server patching/updates.
Date last modified25/07/2013 16:34:31
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
System/User Profiles
PolicySettingComment
Delete cached copies of roaming profilesEnabled
User Configuration (Disabled)
No settings defined.
GBL Printer Mappings Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Printer Mappings Policy 1.0
Data collected on: 23/04/2025 10:47:17
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/08/2010 16:48:32
Modified15/09/2020 21:56:58
User Revisions6100 (AD), 6100 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{E67D8EEA-B803-4249-BAD7-AFE1581DEA35}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
Accounts UserNoDisabledbfl.local/Accounts User
TestNoDisabledbfl.local/Accounts User/Farmington/IT/Test
Support OperationsNoDisabledbfl.local/Accounts User/London/IT/Support Operations

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Preferences
Control Panel Settings
Printers
Shared Printer (Name: \\USPRFP006\NYCLIVPR01)
NYCLIVPR01 (Order: 23)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Description
Deletes NYC Printer NYCLIVPR01 if the user is not in IP address range 192.168.12.1 - 192.168.12.254
NYCLIVPR01 (Order: 1)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR01
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Description
Maps NYC Printer NYCLIVPR01 if the user is in IP address range 192.168.12.1 - 192.168.12.254
Shared Printer (Name: \\USPRFP006\NYCLIVPR02)
NYCLIVPR02 (Order: 24)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Description
Deletes NYC Printer NYCLIVPR02 if the user is not in IP address range 192.168.12.1 - 192.168.12.254
NYCLIVPR02 (Order: 2)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR02
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Description
Maps NYC Printer NYCLIVPR02 if the user is in IP address range 192.168.12.1 - 192.168.12.254
Shared Printer (Name: \\USPRFP006\NYCLIVPR04)
NYCLIVPR04 (Order: 25)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Description
Deletes NYC Printer NYCLIVPR04if the user is not in IP address range 192.168.12.1 - 192.168.12.254
NYCLIVPR04 (Order: 3)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR04
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Shared Printer (Name: \\USPRFP010\ATLLIVPR01)
ATLLIVPR01 (Order: 141)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.104.1
max192.168.104.255
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.106.129
max192.168.106.254
Description
Deletes ATLLIVPR01 if not on subnet 192.168.104 and 106
ATLLIVPR01 (Order: 4)
General
ActionCreate
Properties
Share Path\\USPRFP010\ATLLIVPR01
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.104.1
max192.168.104.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.106.129
max192.168.106.254
Description
Adds Printer ATLLIVPR01 if the machine is in subnet 192.168.104
Shared Printer (Name: \\USPRFP010\ATLLIVPR02)
ATLLIVPR02 (Order: 142)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.104.1
max192.168.104.255
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.106.129
max192.168.106.254
Description
Deletes ATLLIVPR02 if not on subnet 192.168.104 and 106
ATLLIVPR02 (Order: 5)
General
ActionCreate
Properties
Share Path\\USPRFP010\ATLLIVPR02
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.104.1
max192.168.104.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.106.129
max192.168.106.254
Shared Printer (Name: \\USPRFP010\ATLLIVPR03)
ATLLIVPR03 (Order: 143)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.104.1
max192.168.104.255
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.106.129
max192.168.106.254
ATLLIVPR03 (Order: 6)
General
ActionCreate
Properties
Share Path\\USPRFP010\ATLLIVPR03
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.104.1
max192.168.104.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.106.129
max192.168.106.254
Description
Maps Printer ATLLIVPr02 if the user is in subnet 192.168.104.x
Shared Printer (Name: \\USPRFP010\ATLLIVPR05)
ATLLIVPR05 (Order: 144)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.104.1
max192.168.104.255
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.106.129
max192.168.106.254
ATLLIVPR05 (Order: 7)
General
ActionCreate
Properties
Share Path\\USPRFP010\ATLLIVPR05
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.104.1
max192.168.104.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.106.129
max192.168.106.254
Description
Maps printer ATLLIVPR05 if the user is in subnet 192.168.104.x
Shared Printer (Name: \\USPRFP005\CHGLIVPR01_BW-D)
CHGLIVPR01_BW-D (Order: 26)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.22.129
max192.168.22.254
Description
Deletes printer if the user is not in the subnet 192.168.20.0/24 or 192.168.22.128/25
CHGLIVPR01_BW-D (Order: 8)
General
ActionCreate
Properties
Share Path\\USPRFP005\CHGLIVPR01_BW-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.22.129
max192.168.22.254
Description
Map printer if the user is in the subnet 192.168.20.0/24 or 192.168.22.128/25
Shared Printer (Name: \\USPRFP005\CHGLIVPR01_C-D)
CHGLIVPR01_C-D (Order: 27)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.22.129
max192.168.22.254
Description
Deletes printer if the user is not in the subnet 192.168.20.0/24 or 192.168.22.128/25
CHGLIVPR01_C-D (Order: 9)
General
ActionCreate
Properties
Share Path\\USPRFP005\CHGLIVPR01_C-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.22.129
max192.168.22.254
Description
Map printer if the user is in the subnet 192.168.20.0/24 or 192.168.22.128/25
Shared Printer (Name: \\USPRFP005\CHGLIVPR03_BW-D)
CHGLIVPR03_BW-D (Order: 28)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.22.129
max192.168.22.254
Description
Deletes printer if the user is not in the subnet 192.168.20.0/24 or 192.168.22.128/25
CHGLIVPR03_BW-D (Order: 10)
General
ActionCreate
Properties
Share Path\\USPRFP005\CHGLIVPR03_BW-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.22.129
max192.168.22.254
Description
Maps printer if the user is in the subnet 192.168.20.0/24 or 192.168.22.128/25
Shared Printer (Name: \\USPRFP005\CHGLIVPR03_C-D)
CHGLIVPR03_C-D (Order: 29)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.22.129
max192.168.22.254
Description
Deletes printer if the user is not in the subnet 192.168.20.0/24 or 192.168.22.128/25
CHGLIVPR03_C-D (Order: 11)
General
ActionCreate
Properties
Share Path\\USPRFP005\CHGLIVPR03_C-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.22.129
max192.168.22.254
Description
Maps printer if the user is in the subnet 192.168.20.0/24 or 192.168.22.128/25
Shared Printer (Name: \\USPRFP005\CHGLIVPR04_BW)
CHGLIVPR04_BW (Order: 30)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.22.129
max192.168.22.254
Description
Deletes printer if the user is not in the subnet 192.168.20.0/24 or 192.168.22.128/25
CHGLIVPR04_BW (Order: 12)
General
ActionCreate
Properties
Share Path\\USPRFP005\CHGLIVPR04_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.22.129
max192.168.22.254
Description
Map printer if the user is in the subnet 192.168.20.0/24 or 192.168.22.128/25
Shared Printer (Name: \\USPRFP005\CHGLIVPR04_C)
CHGLIVPR04_C (Order: 31)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.22.129
max192.168.22.254
Description
Deletes printer if the user is not in the subnet 192.168.20.0/24 or 192.168.22.128/25
CHGLIVPR04_C (Order: 13)
General
ActionCreate
Properties
Share Path\\USPRFP005\CHGLIVPR04_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.22.129
max192.168.22.254
Description
Maps printer if the user is in the subnet 192.168.20.0/24 or 192.168.22.128/25
Shared Printer (Name: \\USPRFP001\BOSLIVPR02)
BOSLIVPR02 (Order: 14)
General
ActionCreate
Properties
Share Path\\USPRFP001\BOSLIVPR02
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.128
max192.168.78.255
Description
Maps the printer BOSLIVPR02 if the user is in the 192.168.76.x subnet or 78.128/26 subnet
Shared Printer (Name: \\USPRFP001\BOSLIVPR03)
BOSLIVPR03 (Order: 33)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.128
max192.168.78.255
Description
Deletes Printer BOSLIVPR03 if the user is not in the subnet 192.168.76.x or 78.128/26
BOSLIVPR03 (Order: 15)
General
ActionCreate
Properties
Share Path\\USPRFP001\BOSLIVPR03
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.128
max192.168.78.255
Description
Maps the printer BOSLIVPR03 if the user is in the 192.168.76.x subnet or 78.128/26 subnet
Shared Printer (Name: \\USPRFP001\BOSLIVPR04)
BOSLIVPR04 (Order: 34)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.128
max192.168.78.255
Description
Deletes Printer BOSLIVPR04 if the user is not in the subnet 192.168.76.x or 78.128/26
BOSLIVPR04 (Order: 16)
General
ActionCreate
Properties
Share Path\\USPRFP001\BOSLIVPR04
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.128
max192.168.78.255
Description
Maps the printer BOSLIVPR04 if the user is in the 192.168.76.x subnet or 78.128/26
Shared Printer (Name: \\USPRFP001\BOSLIVPR05)
BOSLIVPR05 (Order: 35)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.128
max192.168.78.255
Description
Deletes Printer BOSLIVPR05 if the user is not in the subnet 192.168.76.x or 78.128/26
BOSLIVPR05 (Order: 17)
General
ActionCreate
Properties
Share Path\\USPRFP001\BOSLIVPR05
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.128
max192.168.78.255
Description
Maps the printer BOSLIVPR05 if the user is in the 192.168.76.x subnet or 78.128/26
Shared Printer (Name: \\USPRFP001\BOSLIVPR06)
BOSLIVPR06 (Order: 36)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.128
max192.168.78.255
Description
Deletes Printer BOSLIVPR06 if the user is not in the subnet 192.168.76.x
BOSLIVPR06 (Order: 18)
General
ActionCreate
Properties
Share Path\\USPRFP001\BOSLIVPR06
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.128
max192.168.78.255
Description
Maps the printer BOSLIVPR06 if the user is in the 192.168.76.x subnet or 78.128/26
Shared Printer (Name: \\USPRFP007\SFCLIVPR01)
SFCLIVPR01 (Order: 37)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.50.129
max192.168.50.190
Description
Deletes Printer SFCLIVPR01 if not in 192.168.48.x subnet or 192.168.50.129-190
SFCLIVPR01 (Order: 19)
General
ActionCreate
Properties
Share Path\\USPRFP007\SFCLIVPR01
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.50.129
max192.168.50.190
Description
Add Printer SFCLIVPR01 if the IP subnet is 192.168.48.x or 192.168.50.129-190
Shared Printer (Name: \\USPRFP007\SFCLIVPR02)
SFCLIVPR02 (Order: 38)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.50.129
max192.168.50.190
Description
Deletes Printer SFCLIVPR02 if not in 192.168.48.x subnet or 192.168.50.129-190
SFCLIVPR02 (Order: 20)
General
ActionCreate
Properties
Share Path\\USPRFP007\SFCLIVPR02
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.50.129
max192.168.50.190
Description
Maps Printer SFCLIVPR02 if in subnet 192.168.48 or 192.168.50.129-190
Shared Printer (Name: \\USPRFP007\SFCLIVPR03)
SFCLIVPR03 (Order: 39)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.50.129
max192.168.50.190
SFCLIVPR03 (Order: 21)
General
ActionCreate
Properties
Share Path\\USPRFP007\SFCLIVPR03
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.50.129
max192.168.50.190
Description
Maps Printer SFCLIVPR03 if in subnet 192.168.48 or 192.168.50.129-190
Shared Printer (Name: \\USPRFP007\SFCLIVPR04)
SFCLIVPR04 (Order: 40)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.50.129
max192.168.50.190
Description
Deletes Printer SFCLIVPR03 if not in 192.168.48.x subnet or 192.168.50.129-190
SFCLIVPR04 (Order: 22)
General
ActionCreate
Properties
Share Path\\USPRFP007\SFCLIVPR04
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.50.129
max192.168.50.190
Description
Maps Printer SFCLIVPR03 if in subnet 192.168.48 or 192.168.50.129-190
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR02)
BOSLIVPR02 (Order: 150)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
BOSLIVPR02 (Order: 32)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.128
max192.168.78.255
Description
Deletes Printer BOSLIVPR02 if the user is not in the subnet 192.168.76.x or 78.128/26
Shared Printer (Name: \\usprfp003\mnlivpr01)
MNLIVPR01 (Order: 41)
General
ActionCreate
Properties
Share Path\\usprfp003\mnlivpr01
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.112.1
max192.168.112.254
Description
Create Printer
Shared Printer (Name: \\USPRFP003\MNLIVPR02)
MNLIVPR02 (Order: 44)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.112.1
max192.168.112.254
Description
DELTETS IF NOT IN 112 SUBNET
MNLIVPR02 (Order: 42)
General
ActionCreate
Properties
Share Path\\USPRFP003\MNLIVPR02
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.112.1
max192.168.112.254
Shared Printer (Name: \\USPRFP003\MNLIVPR01)
MNLIVPR01 (Order: 43)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.112.1
max192.168.112.254
Description
DELETES IF NOT IN 112 NETWORK
Shared Printer (Name: \\USPRFP001\BOSLIVPR06_B&W)
BOSLIVPR06_B&W (Order: 45)
General
ActionCreate
Properties
Share Path\\USPRFP001\BOSLIVPR06_B&W
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.128
max192.168.78.255
Description
Maps the printer BOSLIVPR06 if the user is in the 192.168.76.x subnet or 78.128/26
Shared Printer (Name: \\USPRFP001\BOSLIVPR04_B&W)
BOSLIVPR04_B&W (Order: 47)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.128
max192.168.78.255
Description
Deletes boslivps04_b&w if not on 76.1 or 78.128/26
BOSLIVPR04_B&W (Order: 46)
General
ActionCreate
Properties
Share Path\\USPRFP001\BOSLIVPR04_B&W
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.128
max192.168.78.255
Description
Boston Ricoh BW. maps if on 76.x or 78.128/26
Shared Printer (Name: \\USPRFP001\BOSLIVPS06_B&W)
BOSLIVPS06_B&W (Order: 48)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.128
max192.168.78.255
Description
Deletes boslivps06_b&w when not in the 76 subnet or 78.128/26
Shared Printer (Name: \\USPRFP001\BOSLIVPR01_B&W)
BOSLIVPR01_B&W (Order: 50)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.128
max192.168.78.255
Description
DELETES BOSLIVPR01_B&W IF NOT IN THE 76.X NETWORK or 78.128/26 network
BOSLIVPR01_B&W (Order: 49)
General
ActionCreate
Properties
Share Path\\USPRFP001\BOSLIVPR01_B&W
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.128
max192.168.78.254
Description
CREATES BOSLIVPS01_B&W IF IN THE 76.X NETWORK or the 78.128/26 subnet
Shared Printer (Name: \\USPRFP006\NYCLIVPR04 B&W Duplex)
NYCLIVPR04 B&W Duplex (Order: 52)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Description
DELETES \\NYCLIVPS01\NYCLIVPR04 B&W Duplex IF NOT ON THE15 SUBNET
NYCLIVPR04 B&W Duplex (Order: 51)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR04 B&W Duplex
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.35
max192.168.12.254
Description
MAPS NYCLIVPR04 BW
Shared Printer (Name: \\USPRFP006\NYCLIVPR07)
NYCLIVPR07 (Order: 128)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.14.1
max192.168.14.254
NYCLIVPR07 (Order: 127)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR07
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.14.1
max192.168.14.254
Description
New York
NYCLIVPR07 (Order: 54)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Description
Deletes NYC Printer NYLIVPR07 if the user is NOT in the IP address range 192.168.12.1 - 192.168.12.254
NYCLIVPR07 (Order: 53)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR07
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Description
Maps NYC Printer NYLIVPR07 if the user is in IP address range 192.168.12.1 - 192.168.12.254
Shared Printer (Name: \\USPRFP006\NYCLIVPR02 B&W Duplex)
NYCLIVPR02 B&W Duplex (Order: 56)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Description
DELETES NYCLIVPR02 B&W Duplex
NYCLIVPR02 B&W Duplex (Order: 55)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR02 B&W Duplex
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Description
CREATES NYCLIVPR02 B&W Duplex
Shared Printer (Name: \\USPRFP003\MNLIVPR01_B&W)
MNLIVPR01_B&W (Order: 58)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.112.1
max192.168.112.254
Description
Deletes Printer
MNLIVPR01_B&W (Order: 57)
General
ActionCreate
Properties
Share Path\\USPRFP003\MNLIVPR01_B&W
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.115.1
max192.168.115.254
Description
Create Printer mnlivps01_b&W
Shared Printer (Name: \\USPRFP007\SFCLIVPR01_B&W)
SFCLIVPR01_B&W (Order: 60)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.50.129
max192.168.50.190
Description
Deletes printer on 48 network or 192.168.50.129-190
SFCLIVPR01_B&W (Order: 59)
General
ActionCreate
Properties
Share Path\\USPRFP007\SFCLIVPR01_B&W
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.50.129
max192.168.50.190
Description
Creates Printer on 48 network or 192.168.50.129-190
Shared Printer (Name: \\USPRFP007\SFCLIVPR04_B&W)
SFCLIVPR04_B&W (Order: 62)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.50.129
max192.168.50.190
Description
Deletes printer on 48 network or 192.168.50.129-190
SFCLIVPR04_B&W (Order: 61)
General
ActionCreate
Properties
Share Path\\USPRFP007\SFCLIVPR04_B&W
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.50.129
max192.168.50.190
Description
Creates Printer on 48 subnet or 192.168.50.129-190
Shared Printer (Name: \\USPRFP009\PHLLIVPR01_B&W)
PHLLIVPR01_B&W (Order: 64)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.28.1
max192.168.28.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.30.1
max192.168.30.254
Description
Deletes Printer is not on .28 amd .30
PHLLIVPR01_B&W (Order: 63)
General
ActionCreate
Properties
Share Path\\USPRFP009\PHLLIVPR01_B&W
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.28.1
max192.168.28.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.30.1
max192.168.30.254
Description
Creates Printer for network 28
Shared Printer (Name: \\USPRFP009\PHLLIVPR01)
PHLLIVPR01 (Order: 66)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.28.1
max192.168.28.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.30.1
max192.168.30.254
Description
Deletes PRinter on .28 and .30 network
PHLLIVPR01 (Order: 65)
General
ActionCreate
Properties
Share Path\\USPRFP009\PHLLIVPR01
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.28.1
max192.168.28.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.30.1
max192.168.30.254
Description
Creates Printer on .28 network
Shared Printer (Name: \\USPRFP004\FARLIVPR08)
FARLIVPR08 (Order: 67)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
Delete FARLIVPR08
Shared Printer (Name: \\USPRFP004\FARLIVPR14)
FARLIVPR14 (Order: 68)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Description
Specialty Lines UA/AA area Us FARLIVPR14 AD Group to assign printer
Shared Printer (Name: \\USPRFP004\FARLIVPR01)
FARLIVPR01 (Order: 69)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR01
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR01
sidS-1-5-21-58594938-1633628789-801526373-33436
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR01
Shared Printer (Name: \\USPRFP004\FARLIVPR02)
FARLIVPR02 (Order: 70)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR02
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR02
sidS-1-5-21-58594938-1633628789-801526373-33437
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR02
Shared Printer (Name: \\USPRFP004\FARLIVPR03)
FARLIVPR03 (Order: 71)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR03
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR03
sidS-1-5-21-58594938-1633628789-801526373-33438
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR03
Shared Printer (Name: \\USPRFP004\FARLIVPR04)
FARLIVPR04 (Order: 72)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR04
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR04
sidS-1-5-21-58594938-1633628789-801526373-33449
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR04
Shared Printer (Name: \\USPRFP004\FARLIVPR05)
FARLIVPR05 (Order: 73)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR05
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR05
sidS-1-5-21-58594938-1633628789-801526373-33439
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR05
Shared Printer (Name: \\USPRFP004\FARLIVPR06)
FARLIVPR06 (Order: 74)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR06
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR06
sidS-1-5-21-58594938-1633628789-801526373-33440
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR06
Shared Printer (Name: \\USPRFP004\FARLIVPR07)
FARLIVPR07 (Order: 75)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR07
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR07
sidS-1-5-21-58594938-1633628789-801526373-33441
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Shared Printer (Name: \\USPRFP004\FARLIVPR09)
FARLIVPR09 (Order: 76)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR09
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR09
sidS-1-5-21-58594938-1633628789-801526373-33442
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR09
Shared Printer (Name: \\USPRFP004\FARLIVPR11)
FARLIVPR11 (Order: 77)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR11
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR11
sidS-1-5-21-58594938-1633628789-801526373-33447
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR11
Shared Printer (Name: \\USPRFP004\FARLIVPR12)
FARLIVPR12 (Order: 78)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Description
AD GROUP:FARLIVPR12
Shared Printer (Name: \\USPRFP004\FARLIVPR12_B&W)
FARLIVPR12_B&W (Order: 79)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Description
AD GROUP:FARLIVPR12_B&W
Shared Printer (Name: \\USPRFP004\FARLIVPR13)
FARLIVPR13 (Order: 80)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Description
AD GROUP:FARLIVPR13
Shared Printer (Name: \\USPRFP004\FARLIVPR13_B&W)
FARLIVPR13_B&W (Order: 81)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Description
AD GROUP:FARLIVPR13_B&W
Shared Printer (Name: \\USPRFP004\FARLIVPR14_B&W)
FARLIVPR14_B&W (Order: 82)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Description
AD GROUP:FARLIVPR14_B&W
Shared Printer (Name: \\USPRFP004\FARLIVPR15)
FARLIVPR15 (Order: 83)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR15
sidS-1-5-21-58594938-1633628789-801526373-33445
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR15
Shared Printer (Name: \\USPRFP004\FARLIVPR15_B&W)
FARLIVPR15_B&W (Order: 84)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Description
AD GROUP:FARLIVPR15
Shared Printer (Name: \\usprfp005\FOLLOW_C)
FOLLOW_C (Order: 85)
General
ActionCreate
Properties
Share Path\\usprfp005\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.22.1
max192.168.22.254
Description
Chicago Printer Apply to IP range 192.168.20.1 - 192.168.20.255 and 192.168.22.129 - 192.168.22.255
Shared Printer (Name: \\usprfp005\FOLLOW_BW)
FOLLOW_BW (Order: 86)
General
ActionCreate
Properties
Share Path\\usprfp005\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.22.129
max192.168.22.255
Description
Chicago Printer Apply to IP range 192.168.20.1 - 192.168.20.255 and 192.168.22.129 - 192.168.22.255
Shared Printer (Name: \\usprfp004\FOLLOW_BW)
FOLLOW_BW (Order: 87)
General
ActionCreate
Properties
Share Path\\usprfp004\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.21
max192.168.56.230
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.64.4
max192.168.64.254
Description
Farmington Printer Is in the following range: 192.168.56.21 - 192.168.56.230 192.168.64.4 - 192.168.64.254
Shared Printer (Name: \\usprfp004\FOLLOW_C)
FOLLOW_C (Order: 88)
General
ActionCreate
Properties
Share Path\\usprfp004\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.64.1
max192.168.64.254
Description
Farmington Printer Is in the following range 192.168.56.21 - 192.168.56.230 192.168.64.4 - 192.168.64.254
Shared Printer (Name: \\USPRFP001\FOLLOW_BW)
FOLLOW_BW (Order: 112)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.1
max192.168.78.254
Description
Boston Is NOT in .76 or .78
FOLLOW_BW (Order: 89)
General
ActionCreate
Properties
Share Path\\USPRFP001\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.1
max192.168.78.254
Description
Boston Printer Is in the following range 192.168.76.22 - 192.168.76.254 192.168.78.134 - 192.168.78.24
Shared Printer (Name: \\USPRFP001\FOLLOW_C)
FOLLOW_C (Order: 111)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.78.1
max192.168.78.254
Description
Boston Is not in .76 and .78
FOLLOW_C (Order: 90)
General
ActionCreate
Properties
Share Path\\USPRFP001\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.76.1
max192.168.76.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.78.1
max192.168.78.254
Description
Boston Printer Is in the following range 192.168.76.22 - 192.168.76.254 192.168.78.134 - 192.168.78.249
Shared Printer (Name: \\IEPRFP001\DUBLIVPR01_BW-D)
DUBLIVPR01_BW-D (Order: 96)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.208.1
max192.168.208.254
Description
Delete Dublin B&W Printer if not on the 192.168.208.0 network
DUBLIVPR01_BW-D (Order: 94)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.208.1
max192.168.208.254
Description
Delete Dublin B&W Printer if not on the 192.168.208.0 network
DUBLIVPR01_BW-D (Order: 91)
General
ActionCreate
Properties
Share Path\\IEPRFP001\DUBLIVPR01_BW-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.208.1
max192.168.208.254
Description
Map Dublin B&W Printer
Shared Printer (Name: \\IEPRFP001\DUBLIVMP01_C-D)
DUBLIVMP01_C-D (Order: 95)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.208.1
max192.168.208.254
Description
Delete Dublin Colour Printer if not on the 192.168.208.0 network
DUBLIVMP01_C-D (Order: 92)
General
ActionCreate
Properties
Share Path\\IEPRFP001\DUBLIVMP01_C-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.208.1
max192.168.208.254
Description
Delete Dublin Colour Printer if on the 192.168.208.0 network
Shared Printer (Name: \\IEPRFP001\DUBLIVMP01_BW-D)
DUBLIVMP01_BW-D (Order: 93)
General
ActionCreate
Properties
Share Path\\IEPRFP001\DUBLIVMP01_BW-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.208.1
max192.168.208.254
Description
Map Dublin B&W Printer
Shared Printer (Name: \\USPRFP006\FOLLOW_C)
FOLLOW_C (Order: 115)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.14.1
max192.168.14.254
Description
NYC is NOT .12 and .14
FOLLOW_C (Order: 97)
General
ActionCreate
Properties
Share Path\\USPRFP006\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.14.1
max192.168.14.254
Description
New York is in: 192.168.12.1 - 192.168.12.254 Or 192.168.14.1 - 192.168.14.254
Shared Printer (Name: \\USPRFP006\FOLLOW_BW)
FOLLOW_BW (Order: 116)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.14.1
max192.168.14.254
Description
NYC is Not in .12 and .14
FOLLOW_BW (Order: 98)
General
ActionCreate
Properties
Share Path\\USPRFP006\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.14.1
max192.168.14.254
Description
New York User 192.168.12.1 192.168.12.254 Or Wireless 192.168.14.1 192.168.14.254
Shared Printer (Name: \\USPRFP009\FOLLOW_C)
FOLLOW_C (Order: 117)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.28.1
max192.168.28.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.30.1
max192.168.30.254
Description
Philly Is Not in .28 and .30
FOLLOW_C (Order: 99)
General
ActionCreate
Properties
Share Path\\USPRFP009\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.28.1
max192.168.28.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.30.1
max192.168.30.254
Description
Philly Is in .28 and .30
Shared Printer (Name: \\USPRFP009\FOLLOW_BW)
FOLLOW_BW (Order: 118)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.28.1
max192.168.28.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.30.1
max192.168.30.254
Description
Philly is Not in .28 and .30
FOLLOW_BW (Order: 100)
General
ActionCreate
Properties
Share Path\\USPRFP009\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.28.1
max192.168.28.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.30.1
max192.168.30.254
Description
Philly If in .30 and .28
Shared Printer (Name: \\USPRFP003\FOLLOW_C)
FOLLOW_C (Order: 119)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.112.1
max192.168.112.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.114.1
max192.168.114.254
Description
MN is Not in .112 and .114
FOLLOW_C (Order: 101)
General
ActionCreate
Properties
Share Path\\USPRFP003\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.112.1
max192.168.112.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.114.1
max192.168.114.254
Description
Bloomington .112 and .114
Shared Printer (Name: \\USPRFP003\FOLLOW_BW)
FOLLOW_BW (Order: 120)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.112.1
max192.168.112.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.114.1
max192.168.114.254
Description
Bloomington Is Not .112 and .114
FOLLOW_BW (Order: 102)
General
ActionCreate
Properties
Share Path\\USPRFP003\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.112.1
max192.168.112.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.114.1
max192.168.114.254
Description
Bloomington .112 and .114
Shared Printer (Name: \\USPRFP007\FOLLOW_C)
FOLLOW_C (Order: 121)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.50.1
max192.168.50.254
Description
SF is NOT in .48 and .50
FOLLOW_C (Order: 103)
General
ActionCreate
Properties
Share Path\\USPRFP007\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.50.1
max192.168.50.254
Description
San Fran .48 and .50
Shared Printer (Name: \\USPRFP007\FOLLOW_BW)
FOLLOW_BW (Order: 122)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.50.1
max192.168.50.254
Description
SF Is Not in .48 and .50
FOLLOW_BW (Order: 104)
General
ActionCreate
Properties
Share Path\\USPRFP007\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.48.1
max192.168.48.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.50.1
max192.168.50.254
Description
San Fran .48 and .50
Shared Printer (Name: \\GLNLIVPS01\FOLLOW_C)
FOLLOW_C (Order: 123)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.108.1
max192.168.108.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.110.1
max192.168.110.254
Description
Glendale is NOT in .108 and .110
FOLLOW_C (Order: 105)
General
ActionCreate
Properties
Share Path\\GLNLIVPS01\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.108.1
max192.168.108.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.110.1
max192.168.110.254
Description
.108 and .110
Shared Printer (Name: \\GLNLIVPS01\FOLLOW_BW)
FOLLOW_BW (Order: 124)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.108.1
max192.168.108.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.110.1
max192.168.110.254
Description
Glendale is Not in .108 and .110
FOLLOW_BW (Order: 106)
General
ActionCreate
Properties
Share Path\\GLNLIVPS01\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.108.1
max192.168.108.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.110.1
max192.168.110.254
Description
Glendale .108 and .110
Shared Printer (Name: \\USPRFP010\FOLLOW_C)
FOLLOW_C (Order: 147)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.104.1
max192.168.104.255
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.106.129
max192.168.106.254
FOLLOW_C (Order: 107)
General
ActionCreate
Properties
Share Path\\USPRFP010\FOLLOW_C
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.104.1
max192.168.104.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.106.1
max192.168.106.254
Description
Atlanta .104 and .106
Shared Printer (Name: \\USPRFP010\FOLLOW_BW)
FOLLOW_BW (Order: 145)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.104.1
max192.168.104.255
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.106.129
max192.168.106.254
Description
is not .104 or .106
FOLLOW_BW (Order: 108)
General
ActionCreate
Properties
Share Path\\USPRFP010\FOLLOW_BW
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.104.1
max192.168.104.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.106.1
max192.168.106.254
Description
Atlanta .104 and .106
Shared Printer (Name: \\USPRFP004\FOLLOW_C)
FOLLOW_C (Order: 109)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.56.1
max192.168.56.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.64.1
max192.168.64.254
Description
Farmington If NOT in .56 And .64
Shared Printer (Name: \\USPRFP004\FOLLOW_BW)
FOLLOW_BW (Order: 110)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.56.1
max192.168.56.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.64.1
max192.168.64.254
Description
Farmington Is NOT in .56 and .64
Shared Printer (Name: \\USPRFP005\FOLLOW_C)
FOLLOW_C (Order: 113)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.22.1
max192.168.22.254
Description
Chicago NOt in .20 and .22
Shared Printer (Name: \\USPRFP005\FOLLOW_BW)
FOLLOW_BW (Order: 114)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.20.1
max192.168.20.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.22.1
max192.168.22.254
Description
Chicago is NOT in .20 and .22
Shared Printer (Name: \\USPRFP006\NYCLIVPR03)
NYCLIVPR03 (Order: 126)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.14.1
max192.168.14.254
NYCLIVPR03 (Order: 125)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR03
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.14.1
max192.168.14.254
Shared Printer (Name: \\USPRFP006\NYCLIVPR07 B&W Duplex)
NYCLIVPR07 B&W Duplex (Order: 130)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.14.1
max192.168.14.254
NYCLIVPR07 B&W Duplex (Order: 129)
General
ActionCreate
Properties
Share Path\\USPRFP006\NYCLIVPR07 B&W Duplex
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.12.1
max192.168.12.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.14.1
max192.168.14.254
Shared Printer (Name: \\SGPRFP001\SNGLIVMP02_BW-D)
SNGLIVMP02_BW-D (Order: 133)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.240.1
max192.168.240.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.242.1
max192.168.242.254
SNGLIVMP02_BW-D (Order: 131)
General
ActionCreate
Properties
Share Path\\SGPRFP001\SNGLIVMP02_BW-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.240.1
max192.168.240.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.242.0
max192.168.242.254
Description
.240 and .242 (SNG)
Shared Printer (Name: \\SGPRFP001\SNGLIVMP02_C-D)
SNGLIVMP02_C-D (Order: 134)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.240.1
max192.168.240.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.242.1
max192.168.242.254
Description
Not in .240 and .242
SNGLIVMP02_C-D (Order: 132)
General
ActionCreate
Properties
Share Path\\SGPRFP001\SNGLIVMP02_C-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.240.1
max192.168.240.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.242.1
max192.168.242.254
Description
.240 and .242 (SNG)
Shared Printer (Name: \\HKPRFP001\HKGLIVMP01_BW-D)
HKGLIVMP01_BW-D (Order: 137)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.192.1
max192.168.192.254
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.194.1
max192.168.194.254
HKGLIVMP01_BW-D (Order: 135)
General
ActionCreate
Properties
Share Path\\HKPRFP001\HKGLIVMP01_BW-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.194.1
max192.168.194.255
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.192.1
max192.168.192.255
Shared Printer (Name: \\HKPRFP001\HKGLIVPR01_C-D)
HKGLIVPR01_C-D (Order: 138)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.192.1
max192.168.192.245
Item-level targeting: IP Address Range
AttributeValue
boolAND
not1
min192.168.194.1
max192.168.194.254
HKGLIVPR01_C-D (Order: 136)
General
ActionCreate
Properties
Share Path\\HKPRFP001\HKGLIVPR01_C-D
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.192.1
max192.168.192.254
Item-level targeting: IP Address Range
AttributeValue
boolOR
not0
min192.168.194.1
max192.168.194.254
Shared Printer (Name: \\ATLLIVPS01\FOLLOW_BW)
FOLLOW_BW (Order: 139)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Shared Printer (Name: \\ATLLIVPS01\FOLLOW_C)
FOLLOW_C (Order: 140)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Apply once and do not reapplyNo
Shared Printer (Name: \\USPRFP004\FARLIVPR16)
FARLIVPR16 (Order: 146)
General
ActionCreate
Properties
Share Path\\USPRFP004\FARLIVPR16
Set this printer as default printerFalse
Local Port
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameBFL\FARLIVPR16
sidS-1-5-21-58594938-1633628789-801526373-33446
userContext1
primaryGroup0
localGroup0
Item-level targeting: IP Address Range
AttributeValue
boolAND
not0
min192.168.56.1
max192.168.56.254
Description
AD GROUP:FARLIVPR16
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR01)
BOSLIVPR01 (Order: 148)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR01_B&W)
BOSLIVPR01_B&W (Order: 149)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR03)
BOSLIVPR03 (Order: 151)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR04)
BOSLIVPR04 (Order: 152)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR04_B&W)
BOSLIVPR04_B&W (Order: 153)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR05)
BOSLIVPR05 (Order: 154)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR06)
BOSLIVPR06 (Order: 155)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPS01\BOSLIVPR06_B&W)
BOSLIVPR06_B&W (Order: 156)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPR01\FOLLOW_BW)
FOLLOW_BW (Order: 157)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shared Printer (Name: \\BOSLIVPS01\FOLLOW_C)
FOLLOW_C (Order: 158)
General
ActionDelete
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
EnableObjectAccessAuditing
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
EnableObjectAccessAuditing
Data collected on: 23/04/2025 10:47:17
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/10/2010 13:04:42
Modified15/09/2020 21:57:24
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{9AEE18E9-6025-4E81-B5E0-9C9B31C949B8}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit object accessSuccess, Failure
User Configuration (Disabled)
No settings defined.
GBL Disable Dynamic DNS on Servers
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Disable Dynamic DNS on Servers
Data collected on: 23/04/2025 10:47:17
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created03/11/2010 15:36:48
Modified15/09/2020 21:57:46
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions6 (AD), 6 (SYSVOL)
Unique ID{9F6333EE-ECA8-4ED7-B640-CAC6BFBBE298}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
bflYesEnabledbfl.local

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\GBL Disable Dynamic DNS on Servers
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\GBL Disable Dynamic DNS on ServersRead (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/DNS Client
PolicySettingComment
Dynamic updateEnabled
User Configuration (Disabled)
No settings defined.
UK Internet Mail Server Lockdown Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK Internet Mail Server Lockdown Policy
Data collected on: 23/04/2025 10:47:17
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created16/11/2010 13:41:26
Modified15/09/2020 21:57:46
User Revisions310 (AD), 310 (SYSVOL)
Computer Revisions39 (AD), 39 (SYSVOL)
Unique ID{09C386B2-EFB1-4CD7-8D18-DC4BB50D1C30}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\y_hayadCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Accounts: Rename administrator account"ntmaster"
Devices
PolicySetting
Devices: Prevent users from installing printer driversEnabled
Devices: Restrict CD-ROM access to locally logged-on user onlyEnabled
Devices: Restrict floppy access to locally logged-on user onlyEnabled
Domain Member
PolicySetting
Domain member: Digitally encrypt secure channel data (when possible)Enabled
Domain member: Digitally sign secure channel data (when possible)Enabled
Interactive Logon
PolicySetting
Interactive logon: Do not display last user nameEnabled
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (if server agrees)Enabled
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (if client agrees)Enabled
System Services
Browser (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Offline Files
PolicySettingComment
Remove "Make Available Offline" commandEnabled
System/Group Policy
PolicySettingComment
Configure folder redirection policy processingDisabled
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
System/Logon
PolicySettingComment
Turn off Windows Startup soundEnabled
System/User Profiles
PolicySettingComment
Control slow network connection timeout for user profilesEnabled
Connection speed (Kbps):4000000000
Time (milliseconds)120
PolicySettingComment
Delete user profiles older than a specified number of days on system restartEnabled
Delete user profiles older than (days)30
PolicySettingComment
Only allow local user profilesEnabled
Set maximum wait time for the network if a user has a roaming user profile or remote home directoryEnabled
Wait for network for maximum (seconds)1
PolicySettingComment
Wait for remote user profileDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for disconnected sessionsEnabled
End a disconnected session1 hour
Windows Components/Windows Installer
PolicySettingComment
Turn off Windows InstallerEnabled
Disable Windows InstallerFor non-managed applications only
Preferences
Windows Settings
Registry
PortNumber (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
Value namePortNumber
Value typeREG_DWORD
Value data0xA627 (42535)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
Policies
Windows Settings
Folder Redirection
Desktop
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to DesktopDisabled
Move the contents of Desktop to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsEnabled
Policy Removal BehaviorRestore contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Documents
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to DocumentsEnabled
Move the contents of Documents to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsEnabled
Policy Removal BehaviorRestore contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Favorites
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to FavoritesEnabled
Move the contents of Favorites to the new locationEnabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Music
Setting: Follow the Documents folder
Pictures
Setting: Follow the Documents folder
Videos
Setting: Follow the Documents folder
Internet Explorer Maintenance
Browser User Interface/Customized Title Bar
Title Bar Text
Internet Mail
Connection/Automatic Browser Configuration
PolicySetting
Automatically detect configuration settingsDisabled
Automatic Browser ConfigurationNot configured
Connection/Proxy Settings
Enable proxy settings
ProtocolServerPort
HTTPukprca0058080
Secureukprca0058080
FTPukprca0058080
Gopherukprca0058080
Socksukprca0058080
Exceptions:Do not use proxy server for addresses beginning with
Do not use proxy server for local (intranet) addressesEnabled
Security/Security Zones and Content Ratings
Security Zones and Privacy
These settings will not apply to users that log on to computers that have the Internet Explorer Enhanced Security Configuration (ESC) enabled. To create settings for users on computers that have ESC enabled, create a new GPO and edit that GPO on a computer where ESC is enabled.
Internet (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsPrompt
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching applications and unsafe filesPrompt
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Local intranet (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Run ActiveX controls and plug-insEnable
Scripting
Active scriptingEnable
Sites
Require server verification (https:) for all sites in this zoneDisabled
Include all local (intranet) sites not listed in other zonesDisabled
Include all sites that bypass the proxy serverDisabled
Include all network paths (UNCs)Disabled
Sites in this zone
https://127.0.0.1/
https://uk01320/
Trusted sites (Security Level: Medium)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Sites
Require server verification (https:) for all sites in this zoneDisabled
Sites in this zone
None
Restricted sites (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeDisable
Run components signed with AuthenticodeDisable
ActiveX controls and plug-ins
Run ActiveX controls and plug-insDisable
Microsoft VM
Java permissionsDisable Java
Scripting
Active scriptingDisable
Sites
Sites in this zone
None
Privacy
Privacy LevelMedium
Web Sites
Always allowyahoo.co.uk
Always blockNone
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Prohibit access to Control Panel and PC settingsEnabled
Control Panel/Printers
PolicySettingComment
Prevent addition of printersEnabled
Desktop
PolicySettingComment
Hide and disable all items on the desktopEnabled
Hide Network Locations icon on desktopEnabled
Prohibit adjusting desktop toolbarsEnabled
Prohibit User from manually redirecting Profile FoldersEnabled
Remove Properties from the Computer icon context menuEnabled
Remove Properties from the Documents icon context menuEnabled
Network/Offline Files
PolicySettingComment
Synchronize all offline files when logging onDisabled
Start Menu Administrative Tools(CustomADM)
PolicySettingComment
Remove Administrative Tools from Start MenuEnabled
Set the Administrative Tools to:Hidden
Start Menu and Taskbar
PolicySettingComment
Clear history of recently opened documents on exitEnabled
Clear the recent programs list for new usersEnabled
Do not keep history of recently opened documentsEnabled
Do not search for filesEnabled
Do not search programs and Control Panel itemsEnabled
Do not use the search-based method when resolving shell shortcutsEnabled
Lock all taskbar settingsEnabled
Prevent changes to Taskbar and Start Menu SettingsEnabled
Prevent users from adding or removing toolbarsEnabled
Prevent users from customizing their Start ScreenEnabled
Remove access to the context menus for the taskbarEnabled
Remove All Programs list from the Start menuEnabled
Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commandsEnabled
Remove Balloon Tips on Start Menu itemsEnabled
Remove common program groups from Start MenuEnabled
Remove Default Programs link from the Start menu.Enabled
Remove Documents icon from Start MenuEnabled
Remove Favorites menu from Start MenuEnabled
Remove frequent programs list from the Start MenuEnabled
Remove Games link from Start MenuEnabled
Remove Help menu from Start MenuEnabled
Remove links and access to Windows UpdateEnabled
Remove Music icon from Start MenuEnabled
Remove Network Connections from Start MenuEnabled
Remove Network icon from Start MenuEnabled
Remove Pictures icon from Start MenuEnabled
Remove pinned programs list from the Start MenuEnabled
Remove programs on Settings menuEnabled
Remove Recent Items menu from Start MenuEnabled
Remove Run menu from Start MenuEnabled
Remove Search Computer linkEnabled
Remove Search link from Start MenuEnabled
Remove the networking iconEnabled
Remove user folder link from Start MenuEnabled
Show QuickLaunch on TaskbarDisabled
Turn off all balloon notificationsEnabled
Turn off notification area cleanupEnabled
System
PolicySettingComment
Do not display the Getting Started welcome screen at logonEnabled
Prevent access to registry editing toolsEnabled
Disable regedit from running silently?Yes
PolicySettingComment
Prevent access to the command promptEnabled
Disable the command prompt script processing also?No
System/Ctrl+Alt+Del Options
PolicySettingComment
Remove Task ManagerEnabled
System/Driver Installation
PolicySettingComment
Configure driver search locationsEnabled
Do not search floppy disk drivesEnabled
Do not search CD-ROM drivesEnabled
Do not search Windows UpdateEnabled
System/Folder Redirection
PolicySettingComment
Do not automatically make all redirected folders available offlineEnabled
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Desktop Gadgets
PolicySettingComment
Turn off desktop gadgetsEnabled
Windows Components/File Explorer
PolicySettingComment
Do not allow Folder Options to be opened from the Options button on the View tab of the ribbonEnabled
Do not display the Welcome Center at user logonEnabled
Hide these specified drives in My ComputerEnabled
Pick one of the following combinationsRestrict all drives
PolicySettingComment
Hides the Manage item on the File Explorer context menuEnabled
No Computers Near Me in Network LocationsEnabled
No Entire Network in Network LocationsEnabled
Prevent access to drives from My ComputerEnabled
Pick one of the following combinationsRestrict A, B, C and D drives only
PolicySettingComment
Remove "Map Network Drive" and "Disconnect Network Drive"Enabled
Remove File Explorer's default context menuEnabled
Remove File menu from File ExplorerEnabled
Remove Hardware tabEnabled
Remove Search button from File ExplorerEnabled
Remove Security tabEnabled
Remove Shared Documents from My ComputerEnabled
Turn off Windows+X hotkeysEnabled
Windows Components/Instant Search
PolicySettingComment
Custom Instant Search Internet search providerEnabled
The string or DLL resource from which to load the string shown in the Instant Search menu.Google
The URL to use when invoking the custom Internet search, with the search term indicated by "%w".http://www.google.com/search?q=%w
Windows Components/Internet Explorer
PolicySettingComment
Configure Media Explorer BarEnabled
Disable the Media Explorer Bar and auto-play featureEnabled
Auto-Play Media files in the Media bar when enabledDisabled
PolicySettingComment
Disable AutoComplete for formsEnabled
Disable changing Advanced page settingsEnabled
Disable changing Automatic Configuration settingsEnabled
Disable changing Calendar and Contact settingsEnabled
Disable changing certificate settingsEnabled
Disable changing color settingsEnabled
Disable changing connection settingsEnabled
Disable changing default browser checkEnabled
Disable changing font settingsEnabled
Disable changing home page settingsEnabled
Home Pagehttp://www.google.com
PolicySettingComment
Disable changing language settingsEnabled
Disable changing link color settingsEnabled
Disable changing Messaging settingsEnabled
Disable changing Profile Assistant settingsEnabled
Disable changing ratings settingsEnabled
Disable changing Temporary Internet files settingsEnabled
Disable external branding of Internet ExplorerEnabled
Disable Internet Connection wizardEnabled
Disable the Reset Web Settings featureEnabled
Do not allow users to enable or disable add-onsEnabled
Identity Manager: Prevent users from using IdentitiesEnabled
Prevent "Fix settings" functionalityEnabled
Prevent access to Internet Explorer HelpEnabled
Prevent changing proxy settingsEnabled
Prevent Internet Explorer Search box from appearingEnabled
Prevent managing the phishing filterEnabled
Select phishing filter modeAutomatic
PolicySettingComment
Prevent participation in the Customer Experience Improvement ProgramEnabled
Prevent running First Run wizardEnabled
Select your choiceGo directly to home page
PolicySettingComment
Turn off configuration of pop-up windows in tabbed browsingEnabled
Select tabbed browsing pop-up behaviorLet Internet Explorer decide
PolicySettingComment
Turn off Crash DetectionEnabled
Turn off the Security Settings Check featureEnabled
Windows Components/Internet Explorer/Browser menus
PolicySettingComment
Disable Save this program to disk optionEnabled
File menu: Disable New menu optionEnabled
File menu: Disable Open menu optionEnabled
File menu: Disable Save As Web Page CompleteEnabled
File menu: Disable Save As... menu optionEnabled
Help menu: Remove 'For Netscape Users' menu optionEnabled
Help menu: Remove 'Send Feedback' menu optionEnabled
Help menu: Remove 'Tip of the Day' menu optionEnabled
Help menu: Remove 'Tour' menu optionEnabled
Tools menu: Disable Internet Options... menu optionDisabled
Turn off Shortcut MenuEnabled
View menu: Disable Source menu optionEnabled
Windows Components/Internet Explorer/Delete Browsing History
PolicySettingComment
Prevent the deletion of temporary Internet files and cookiesDisabled
Windows Components/Internet Explorer/Internet Control Panel
PolicySettingComment
Disable the Advanced pageEnabled
Disable the Connections pageEnabled
Disable the Content pageEnabled
Disable the General pageEnabled
Disable the Privacy pageEnabled
Disable the Programs pageEnabled
Disable the Security pageEnabled
Windows Components/Internet Explorer/Internet Control Panel/Advanced Page
PolicySettingComment
Do not allow resetting Internet Explorer settingsEnabled
Windows Components/Internet Explorer/Internet Settings/Advanced settings/Searching
PolicySettingComment
Prevent configuration of search on Address barEnabled
When searching from the address bar:Do not search from the address bar
Windows Components/Internet Explorer/Security Features/Add-on Management
PolicySettingComment
Add-on ListEnabled
Add-on List 
{233C1507-6A77-46A4-9443-F871F945D258}1
{D27CDB6E-AE6D-11CF-96B8-444553540000}1
Windows Components/Internet Explorer/Toolbars
PolicySettingComment
Turn off toolbar upgrade toolEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins
PolicySettingComment
Server ManagerDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Device and Resource Redirection
PolicySettingComment
Allow time zone redirectionEnabled
Do not allow Clipboard redirectionEnabled
Windows Components/Task Scheduler
PolicySettingComment
Prevent Task Run or EndEnabled
Prohibit New Task CreationEnabled
Windows Components/Windows Error Reporting
PolicySettingComment
Disable Windows Error ReportingEnabled
Windows Components/Windows Mail
PolicySettingComment
Turn off Windows Mail applicationEnabled
Windows Components/Windows Media Center
PolicySettingComment
Do not allow Windows Media Center to runEnabled
Windows Components/Windows Messenger
PolicySettingComment
Do not allow Windows Messenger to be runEnabled
Windows Components/Windows SideShow
PolicySettingComment
Turn off Windows SideShowEnabled
Windows Components/Windows Update
PolicySettingComment
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog boxEnabled
Remove access to use all Windows Update featuresEnabled
Configure notifications: 
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker1
BFL Screen Saver Lockdown - All other sites
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Screen Saver Lockdown - All other sites
Data collected on: 23/04/2025 10:47:18
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created21/01/2011 19:20:02
Modified15/09/2020 21:57:54
User Revisions4 (AD), 4 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{1F4504B1-DFB1-4D16-A9A1-8603BE09865C}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
Accounts UserNoEnabledbfl.local/Accounts User
Support OperationsNoEnabledbfl.local/Accounts User/London/IT/Support Operations

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
WMI Filtering
WMI Filter NameNot Llyods Computers
DescriptionTrue if computer is NOT in the Lloyds AD site
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\lockingCustomNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Force specific screen saverEnabled
Screen saver executable nameBeaz4069.scr
PolicySettingComment
Password protect the screen saverEnabled
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:600
US internet Mail Server Lockdown Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US internet Mail Server Lockdown Policy
Data collected on: 23/04/2025 10:47:18
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created26/01/2011 13:23:08
Modified15/09/2020 21:57:54
User Revisions4 (AD), 4 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{7AA5A5C5-7F05-45F5-8E47-889636C60F81}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\y_hayadCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Accounts: Rename administrator account"ntmaster"
Devices
PolicySetting
Devices: Prevent users from installing printer driversEnabled
Devices: Restrict CD-ROM access to locally logged-on user onlyEnabled
Devices: Restrict floppy access to locally logged-on user onlyEnabled
Domain Member
PolicySetting
Domain member: Digitally encrypt secure channel data (when possible)Enabled
Domain member: Digitally sign secure channel data (when possible)Enabled
Interactive Logon
PolicySetting
Interactive logon: Do not display last user nameEnabled
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (if server agrees)Enabled
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (if client agrees)Enabled
System Services
Browser (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Offline Files
PolicySettingComment
Remove "Make Available Offline" commandEnabled
System/Group Policy
PolicySettingComment
Configure folder redirection policy processingDisabled
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
System/Logon
PolicySettingComment
Turn off Windows Startup soundEnabled
System/User Profiles
PolicySettingComment
Control slow network connection timeout for user profilesEnabled
Connection speed (Kbps):4000000000
Time (milliseconds)120
PolicySettingComment
Delete user profiles older than a specified number of days on system restartEnabled
Delete user profiles older than (days)30
PolicySettingComment
Only allow local user profilesEnabled
Set maximum wait time for the network if a user has a roaming user profile or remote home directoryEnabled
Wait for network for maximum (seconds)1
PolicySettingComment
Wait for remote user profileDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for disconnected sessionsEnabled
End a disconnected session1 hour
Windows Components/Windows Installer
PolicySettingComment
Turn off Windows InstallerEnabled
Disable Windows InstallerFor non-managed applications only
Preferences
Windows Settings
Registry
PortNumber (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
Value namePortNumber
Value typeREG_DWORD
Value data0xA627 (42535)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
Policies
Windows Settings
Folder Redirection
Desktop
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to DesktopDisabled
Move the contents of Desktop to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsEnabled
Policy Removal BehaviorRestore contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Documents
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to DocumentsEnabled
Move the contents of Documents to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsEnabled
Policy Removal BehaviorRestore contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Favorites
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to FavoritesEnabled
Move the contents of Favorites to the new locationEnabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Music
Setting: Follow the Documents folder
Pictures
Setting: Follow the Documents folder
Videos
Setting: Follow the Documents folder
Internet Explorer Maintenance
Browser User Interface/Customized Title Bar
Title Bar Text
Internet Mail
Connection/Automatic Browser Configuration
PolicySetting
Automatically detect configuration settingsDisabled
Automatic Browser ConfigurationNot configured
Connection/Proxy Settings
Enable proxy settings
ProtocolServerPort
HTTPUSPRCA0148080
SecureUSPRCA0148080
FTPUSPRCA0148080
GopherUSPRCA0148080
SocksUSPRCA0148080
Exceptions:Do not use proxy server for addresses beginning with
Do not use proxy server for local (intranet) addressesEnabled
Security/Security Zones and Content Ratings
Security Zones and Privacy
These settings will not apply to users that log on to computers that have the Internet Explorer Enhanced Security Configuration (ESC) enabled. To create settings for users on computers that have ESC enabled, create a new GPO and edit that GPO on a computer where ESC is enabled.
Internet (Security Level: Medium-high)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Local intranet (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Run ActiveX controls and plug-insEnable
Scripting
Active scriptingEnable
Sites
Require server verification (https:) for all sites in this zoneDisabled
Include all local (intranet) sites not listed in other zonesDisabled
Include all sites that bypass the proxy serverDisabled
Include all network paths (UNCs)Disabled
Sites in this zone
https://127.0.0.1/
https://uk01320/
Trusted sites (Security Level: Medium)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Sites
Require server verification (https:) for all sites in this zoneEnabled
Sites in this zone
None
Restricted sites (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeDisable
Run components signed with AuthenticodeDisable
ActiveX controls and plug-ins
Run ActiveX controls and plug-insDisable
Microsoft VM
Java permissionsDisable Java
Scripting
Active scriptingDisable
Sites
Sites in this zone
None
Privacy
Privacy LevelMedium
Web Sites
Always allowNone
Always blockNone
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Prohibit access to Control Panel and PC settingsEnabled
Control Panel/Printers
PolicySettingComment
Prevent addition of printersEnabled
Desktop
PolicySettingComment
Hide and disable all items on the desktopEnabled
Hide Network Locations icon on desktopEnabled
Prohibit adjusting desktop toolbarsEnabled
Prohibit User from manually redirecting Profile FoldersEnabled
Remove Properties from the Computer icon context menuEnabled
Remove Properties from the Documents icon context menuEnabled
Network/Offline Files
PolicySettingComment
Synchronize all offline files when logging onDisabled
Start Menu Administrative Tools(CustomADM)
PolicySettingComment
Remove Administrative Tools from Start MenuEnabled
Set the Administrative Tools to:Hidden
Start Menu and Taskbar
PolicySettingComment
Clear history of recently opened documents on exitEnabled
Clear the recent programs list for new usersEnabled
Do not keep history of recently opened documentsEnabled
Do not search for filesEnabled
Do not search programs and Control Panel itemsEnabled
Do not use the search-based method when resolving shell shortcutsEnabled
Lock all taskbar settingsEnabled
Prevent changes to Taskbar and Start Menu SettingsEnabled
Prevent users from adding or removing toolbarsEnabled
Prevent users from customizing their Start ScreenEnabled
Remove access to the context menus for the taskbarEnabled
Remove All Programs list from the Start menuEnabled
Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commandsEnabled
Remove Balloon Tips on Start Menu itemsEnabled
Remove common program groups from Start MenuEnabled
Remove Default Programs link from the Start menu.Enabled
Remove Documents icon from Start MenuEnabled
Remove Favorites menu from Start MenuEnabled
Remove frequent programs list from the Start MenuEnabled
Remove Games link from Start MenuEnabled
Remove Help menu from Start MenuEnabled
Remove links and access to Windows UpdateEnabled
Remove Music icon from Start MenuEnabled
Remove Network Connections from Start MenuEnabled
Remove Network icon from Start MenuEnabled
Remove Pictures icon from Start MenuEnabled
Remove pinned programs list from the Start MenuEnabled
Remove programs on Settings menuEnabled
Remove Recent Items menu from Start MenuEnabled
Remove Run menu from Start MenuEnabled
Remove Search Computer linkEnabled
Remove Search link from Start MenuEnabled
Remove the networking iconEnabled
Remove user folder link from Start MenuEnabled
Show QuickLaunch on TaskbarDisabled
Turn off all balloon notificationsEnabled
Turn off notification area cleanupEnabled
System
PolicySettingComment
Do not display the Getting Started welcome screen at logonEnabled
Prevent access to registry editing toolsEnabled
Disable regedit from running silently?Yes
PolicySettingComment
Prevent access to the command promptEnabled
Disable the command prompt script processing also?No
System/Ctrl+Alt+Del Options
PolicySettingComment
Remove Task ManagerEnabled
System/Driver Installation
PolicySettingComment
Configure driver search locationsEnabled
Do not search floppy disk drivesEnabled
Do not search CD-ROM drivesEnabled
Do not search Windows UpdateEnabled
System/Folder Redirection
PolicySettingComment
Do not automatically make all redirected folders available offlineEnabled
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Desktop Gadgets
PolicySettingComment
Turn off desktop gadgetsEnabled
Windows Components/File Explorer
PolicySettingComment
Do not allow Folder Options to be opened from the Options button on the View tab of the ribbonEnabled
Do not display the Welcome Center at user logonEnabled
Hide these specified drives in My ComputerEnabled
Pick one of the following combinationsRestrict all drives
PolicySettingComment
Hides the Manage item on the File Explorer context menuEnabled
No Computers Near Me in Network LocationsEnabled
No Entire Network in Network LocationsEnabled
Prevent access to drives from My ComputerEnabled
Pick one of the following combinationsRestrict A, B, C and D drives only
PolicySettingComment
Remove "Map Network Drive" and "Disconnect Network Drive"Enabled
Remove File Explorer's default context menuEnabled
Remove File menu from File ExplorerEnabled
Remove Hardware tabEnabled
Remove Search button from File ExplorerEnabled
Remove Security tabEnabled
Remove Shared Documents from My ComputerEnabled
Turn off Windows+X hotkeysEnabled
Windows Components/Instant Search
PolicySettingComment
Custom Instant Search Internet search providerEnabled
The string or DLL resource from which to load the string shown in the Instant Search menu.Google
The URL to use when invoking the custom Internet search, with the search term indicated by "%w".http://www.google.com/search?q=%w
Windows Components/Internet Explorer
PolicySettingComment
Configure Media Explorer BarEnabled
Disable the Media Explorer Bar and auto-play featureEnabled
Auto-Play Media files in the Media bar when enabledDisabled
PolicySettingComment
Disable AutoComplete for formsEnabled
Disable changing Advanced page settingsEnabled
Disable changing Automatic Configuration settingsEnabled
Disable changing Calendar and Contact settingsEnabled
Disable changing certificate settingsEnabled
Disable changing color settingsEnabled
Disable changing connection settingsEnabled
Disable changing default browser checkEnabled
Disable changing font settingsEnabled
Disable changing home page settingsEnabled
Home Pagehttp://www.google.com
PolicySettingComment
Disable changing language settingsEnabled
Disable changing link color settingsEnabled
Disable changing Messaging settingsEnabled
Disable changing Profile Assistant settingsEnabled
Disable changing ratings settingsEnabled
Disable changing Temporary Internet files settingsEnabled
Disable external branding of Internet ExplorerEnabled
Disable Internet Connection wizardEnabled
Disable the Reset Web Settings featureEnabled
Do not allow users to enable or disable add-onsEnabled
Identity Manager: Prevent users from using IdentitiesEnabled
Prevent "Fix settings" functionalityEnabled
Prevent access to Internet Explorer HelpEnabled
Prevent changing proxy settingsEnabled
Prevent Internet Explorer Search box from appearingEnabled
Prevent managing the phishing filterEnabled
Select phishing filter modeAutomatic
PolicySettingComment
Prevent participation in the Customer Experience Improvement ProgramEnabled
Prevent running First Run wizardEnabled
Select your choiceGo directly to home page
PolicySettingComment
Turn off configuration of pop-up windows in tabbed browsingEnabled
Select tabbed browsing pop-up behaviorLet Internet Explorer decide
PolicySettingComment
Turn off Crash DetectionEnabled
Turn off the Security Settings Check featureEnabled
Windows Components/Internet Explorer/Browser menus
PolicySettingComment
Disable Save this program to disk optionEnabled
File menu: Disable New menu optionEnabled
File menu: Disable Open menu optionEnabled
File menu: Disable Save As Web Page CompleteEnabled
File menu: Disable Save As... menu optionEnabled
Help menu: Remove 'For Netscape Users' menu optionEnabled
Help menu: Remove 'Send Feedback' menu optionEnabled
Help menu: Remove 'Tip of the Day' menu optionEnabled
Help menu: Remove 'Tour' menu optionEnabled
Tools menu: Disable Internet Options... menu optionDisabled
Turn off Shortcut MenuEnabled
View menu: Disable Source menu optionEnabled
Windows Components/Internet Explorer/Delete Browsing History
PolicySettingComment
Prevent the deletion of temporary Internet files and cookiesDisabled
Windows Components/Internet Explorer/Internet Control Panel
PolicySettingComment
Disable the Advanced pageEnabled
Disable the Connections pageEnabled
Disable the Content pageEnabled
Disable the General pageEnabled
Disable the Privacy pageEnabled
Disable the Programs pageEnabled
Disable the Security pageEnabled
Windows Components/Internet Explorer/Internet Control Panel/Advanced Page
PolicySettingComment
Do not allow resetting Internet Explorer settingsEnabled
Windows Components/Internet Explorer/Internet Settings/Advanced settings/Searching
PolicySettingComment
Prevent configuration of search on Address barEnabled
When searching from the address bar:Do not search from the address bar
Windows Components/Internet Explorer/Security Features/Add-on Management
PolicySettingComment
Add-on ListEnabled
Add-on List 
{233C1507-6A77-46A4-9443-F871F945D258}1
{D27CDB6E-AE6D-11CF-96B8-444553540000}1
Windows Components/Internet Explorer/Toolbars
PolicySettingComment
Turn off toolbar upgrade toolEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins
PolicySettingComment
Server ManagerDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Device and Resource Redirection
PolicySettingComment
Allow time zone redirectionEnabled
Do not allow Clipboard redirectionEnabled
Windows Components/Task Scheduler
PolicySettingComment
Prevent Task Run or EndEnabled
Prohibit New Task CreationEnabled
Windows Components/Windows Error Reporting
PolicySettingComment
Disable Windows Error ReportingEnabled
Windows Components/Windows Mail
PolicySettingComment
Turn off Windows Mail applicationEnabled
Windows Components/Windows Media Center
PolicySettingComment
Do not allow Windows Media Center to runEnabled
Windows Components/Windows Messenger
PolicySettingComment
Do not allow Windows Messenger to be runEnabled
Windows Components/Windows SideShow
PolicySettingComment
Turn off Windows SideShowEnabled
Windows Components/Windows Update
PolicySettingComment
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog boxEnabled
Remove access to use all Windows Update featuresEnabled
Configure notifications: 
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker1
GBL - Disable Internet caching of proxy scripts
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL - Disable Internet caching of proxy scripts
Data collected on: 23/04/2025 10:47:18
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created08/03/2011 18:33:44
Modified15/09/2020 21:57:54
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{58828A6E-1877-4FAB-8C1F-9F38D62BE72D}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
Accounts UserNoDisabledbfl.local/Accounts User
Support OperationsNoDisabledbfl.local/Accounts User/London/IT/Support Operations

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Internet Explorer
PolicySettingComment
Disable caching of Auto-Proxy scriptsEnabled
GBL WSUS Security Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL WSUS Security Policy
Data collected on: 23/04/2025 10:47:18
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created12/04/2011 18:23:58
Modified09/01/2024 17:09:38
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions6 (AD), 6 (SYSVOL)
Unique ID{A3917358-8205-4E53-B867-6D53DFE10C6E}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
DevelopmentNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions/Development

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesEnabled
Configure automatic updating:4 - Auto download and schedule the install
The following settings are only required and applicable if 4 is selected.
Install during automatic maintenanceDisabled
Scheduled install day: 6 - Every Friday
Scheduled install time:03:00
PolicySettingComment
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog boxEnabled
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog boxEnabled
Specify intranet Microsoft update service locationEnabled
Set the intranet update service for detecting updates:usprim072.bfl.local:8530
Set the intranet statistics server:usprim072.bfl.local:8530
(example: http://IntranetUpd01)
User Configuration (Disabled)
No settings defined.
BFL DevServers-LocalAdmins
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL DevServers-LocalAdmins
Data collected on: 23/04/2025 10:47:19
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created12/05/2011 14:54:34
Modified15/09/2020 21:58:00
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions8 (AD), 8 (SYSVOL)
Unique ID{A5BC4998-E15B-4E11-94F7-86FB254B308A}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
DevelopmentNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions/Development
DevelopmentNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Development

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL DevServers-LocalAdminsBUILTIN\Administrators
User Configuration (Enabled)
No settings defined.
Computer Unrestricted Policy 2.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Computer Unrestricted Policy 2.0
Data collected on: 23/04/2025 10:47:19
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created04/02/2013 00:57:24
Modified15/09/2020 22:03:02
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions10 (AD), 10 (SYSVOL)
Unique ID{B55E9569-88C9-4463-BC1A-6B312B0507ED}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
DesktopsNoEnabledbfl.local/Accounts Computer/Desktops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-54764
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-54764Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Internet Information Services
PolicySettingComment
Prevent IIS installationDisabled
Preferences
Control Panel Settings
Local Users and Groups
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
bfl\%ComputerName%-LocalAdmins
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
GBL Citrix Receiver 3.4 Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Citrix Receiver 3.4 Policy
Data collected on: 23/04/2025 10:47:19
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created06/03/2013 10:29:20
Modified19/10/2020 10:15:06
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions6 (AD), 6 (SYSVOL)
Unique ID{798581A6-24D7-4867-877E-6CAFF6CBF87F}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
DesktopsNoEnabledbfl.local/Accounts Computer/Desktops
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Citrix Workspace/Network routing
PolicySettingComment
Session reliability and automatic reconnectionEnabled
Enable automatic reconnectionEnabled
Enable session reliability (has precedence if both are selected)Enabled
Transparency Level 
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Network\Reconnection\TransportReconnectRetries
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Citrix Workspace/User authentication
PolicySettingComment
Local user name and passwordEnabled
Enable pass-through authenticationEnabled
Allow pass-through authentication for all ICA connectionsEnabled
Use Novell Directory Server credentialsDisabled
Server.GBL.Local Admin Access
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Server.GBL.Local Admin Access
Data collected on: 23/04/2025 10:47:19
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created14/03/2013 05:13:36
Modified15/09/2020 22:04:56
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions24 (AD), 24 (SYSVOL)
Unique ID{26D8D616-ED85-414E-B524-F3941F291E4B}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ServersNoEnabledbfl.local/Accounts Computer/Servers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Control Panel Settings
Local Users and Groups
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
BFL\BFL Servers-LocalAdminsS-1-5-21-58594938-1633628789-801526373-25823
BFL\%computername%-LocalAdmins
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
Server.GBL.Dev Local Admin Access
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Server.GBL.Dev Local Admin Access
Data collected on: 23/04/2025 10:47:19
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created26/03/2013 03:15:58
Modified15/09/2020 22:04:56
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{2C2B6D67-FF6D-4782-905B-6DECE1D247FE}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ServersNoEnabledbfl.local/Accounts Computer/Servers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\Rol.Server.Development
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\Rol.Server.DevelopmentRead (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Control Panel Settings
Local Users and Groups
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
BFL\BFL DevServers-LocalAdminsS-1-5-21-58594938-1633628789-801526373-42849
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
Server.GBL.XenApp Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Server.GBL.XenApp Policy
Data collected on: 23/04/2025 10:47:19
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created26/03/2013 03:19:40
Modified15/09/2020 22:04:56
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{8A68D12D-5531-40E7-A595-E5658AEC5E2F}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-54787
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-54787Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
System/User Profiles
PolicySettingComment
Delete cached copies of roaming profilesEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for disconnected sessionsEnabled
End a disconnected session1 hour
User Configuration (Disabled)
No settings defined.
UK AppV 5 Shared Content
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK AppV 5 Shared Content
Data collected on: 23/04/2025 10:47:19
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created03/04/2013 11:12:50
Modified15/09/2020 22:05:04
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions29 (AD), 29 (SYSVOL)
Unique ID{BE09C758-5B20-4C85-8C57-2B3FF289EC87}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 12
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsAll
User Configuration (Disabled)
No settings defined.
US AppV 5 Shared Content
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US AppV 5 Shared Content
Data collected on: 23/04/2025 10:47:20
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/04/2013 11:33:22
Modified15/09/2020 22:05:12
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions14 (AD), 14 (SYSVOL)
Unique ID{EED6E30C-DC9B-49A4-B2C7-A2B0E97632BD}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 12
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsAll
User Configuration (Disabled)
No settings defined.
Beazley Background
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Beazley Background
Data collected on: 23/04/2025 10:47:20
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created20/08/2013 18:06:52
Modified15/09/2020 22:06:04
User Revisions7 (AD), 7 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{55DF1A33-DA55-444B-92A6-2687C91DA66A}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
Thin PCNoEnabledbfl.local/Accounts Service/Applications And Systems/Infrastructure/Thin PC

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\randkCustomNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Scripts
Logon
For this GPO, Script order: Not configured
NameParameters
BeazleyBackgroundFencing.vbs
Server.GBL.Internet Mail
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Server.GBL.Internet Mail
Data collected on: 23/04/2025 10:47:20
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/09/2013 05:32:26
Modified15/09/2020 22:06:04
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{6F816B13-198F-4589-AD58-2B6304AC6E2A}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Restricted ServersNoEnabledbfl.local/Accounts Computer/Servers/Restricted Servers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-56111
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-56111Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Accounts: Rename administrator account"ntmaster"
Devices
PolicySetting
Devices: Prevent users from installing printer driversEnabled
Devices: Restrict CD-ROM access to locally logged-on user onlyEnabled
Devices: Restrict floppy access to locally logged-on user onlyEnabled
Domain Member
PolicySetting
Domain member: Digitally encrypt secure channel data (when possible)Enabled
Domain member: Digitally sign secure channel data (when possible)Enabled
Interactive Logon
PolicySetting
Interactive logon: Do not display last user nameEnabled
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (if server agrees)Enabled
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (if client agrees)Enabled
System Services
Browser (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Offline Files
PolicySettingComment
Remove "Make Available Offline" commandEnabled
System/Group Policy
PolicySettingComment
Configure folder redirection policy processingDisabled
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
System/Logon
PolicySettingComment
Turn off Windows Startup soundEnabled
System/User Profiles
PolicySettingComment
Control slow network connection timeout for user profilesEnabled
Connection speed (Kbps):4000000000
Time (milliseconds)120
PolicySettingComment
Delete user profiles older than a specified number of days on system restartEnabled
Delete user profiles older than (days)30
PolicySettingComment
Only allow local user profilesEnabled
Set maximum wait time for the network if a user has a roaming user profile or remote home directoryEnabled
Wait for network for maximum (seconds)1
PolicySettingComment
Wait for remote user profileDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for disconnected sessionsEnabled
End a disconnected session1 hour
Windows Components/Windows Installer
PolicySettingComment
Turn off Windows InstallerEnabled
Disable Windows InstallerFor non-managed applications only
Preferences
Windows Settings
Registry
PortNumber (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
Value namePortNumber
Value typeREG_DWORD
Value data0xA627 (42535)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
Policies
Windows Settings
Folder Redirection
Desktop
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to DesktopDisabled
Move the contents of Desktop to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsEnabled
Policy Removal BehaviorRestore contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Documents
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to DocumentsEnabled
Move the contents of Documents to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsEnabled
Policy Removal BehaviorRestore contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Favorites
Setting: Basic (Redirect everyone's folder to the same location)
Path: Redirect to local user profile path
Options
Grant user exclusive rights to FavoritesEnabled
Move the contents of Favorites to the new locationEnabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Music
Setting: Follow the Documents folder
Pictures
Setting: Follow the Documents folder
Videos
Setting: Follow the Documents folder
Internet Explorer Maintenance
Browser User Interface/Customized Title Bar
Title Bar Text
Internet Mail
Connection/Automatic Browser Configuration
PolicySetting
Automatically detect configuration settingsDisabled
Automatic Browser ConfigurationNot configured
Connection/Proxy Settings
Enable proxy settings
ProtocolServerPort
HTTPukprca0058080
Secureukprca0058080
FTPukprca0058080
Gopherukprca0058080
Socksukprca0058080
Exceptions:Do not use proxy server for addresses beginning with
Do not use proxy server for local (intranet) addressesEnabled
Security/Security Zones and Content Ratings
Security Zones and Privacy
These settings will not apply to users that log on to computers that have the Internet Explorer Enhanced Security Configuration (ESC) enabled. To create settings for users on computers that have ESC enabled, create a new GPO and edit that GPO on a computer where ESC is enabled.
Internet (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsPrompt
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching applications and unsafe filesPrompt
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Local intranet (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Run ActiveX controls and plug-insEnable
Scripting
Active scriptingEnable
Sites
Require server verification (https:) for all sites in this zoneDisabled
Include all local (intranet) sites not listed in other zonesDisabled
Include all sites that bypass the proxy serverDisabled
Include all network paths (UNCs)Disabled
Sites in this zone
https://127.0.0.1/
https://uk01320/
Trusted sites (Security Level: Medium)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Sites
Require server verification (https:) for all sites in this zoneDisabled
Sites in this zone
None
Restricted sites (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeDisable
Run components signed with AuthenticodeDisable
ActiveX controls and plug-ins
Run ActiveX controls and plug-insDisable
Microsoft VM
Java permissionsDisable Java
Scripting
Active scriptingDisable
Sites
Sites in this zone
None
Privacy
Privacy LevelMedium
Web Sites
Always allowyahoo.co.uk
Always blockNone
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Prohibit access to Control Panel and PC settingsEnabled
Control Panel/Printers
PolicySettingComment
Prevent addition of printersEnabled
Desktop
PolicySettingComment
Hide and disable all items on the desktopEnabled
Hide Network Locations icon on desktopEnabled
Prohibit adjusting desktop toolbarsEnabled
Prohibit User from manually redirecting Profile FoldersEnabled
Remove Properties from the Computer icon context menuEnabled
Remove Properties from the Documents icon context menuEnabled
Network/Offline Files
PolicySettingComment
Synchronize all offline files when logging onDisabled
Start Menu Administrative Tools(CustomADM)
PolicySettingComment
Remove Administrative Tools from Start MenuEnabled
Set the Administrative Tools to:Hidden
Start Menu and Taskbar
PolicySettingComment
Clear history of recently opened documents on exitEnabled
Clear the recent programs list for new usersEnabled
Do not keep history of recently opened documentsEnabled
Do not search for filesEnabled
Do not search programs and Control Panel itemsEnabled
Do not use the search-based method when resolving shell shortcutsEnabled
Lock all taskbar settingsEnabled
Prevent changes to Taskbar and Start Menu SettingsEnabled
Prevent users from adding or removing toolbarsEnabled
Prevent users from customizing their Start ScreenEnabled
Remove access to the context menus for the taskbarEnabled
Remove All Programs list from the Start menuEnabled
Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commandsEnabled
Remove Balloon Tips on Start Menu itemsEnabled
Remove common program groups from Start MenuEnabled
Remove Default Programs link from the Start menu.Enabled
Remove Documents icon from Start MenuEnabled
Remove Favorites menu from Start MenuEnabled
Remove frequent programs list from the Start MenuEnabled
Remove Games link from Start MenuEnabled
Remove Help menu from Start MenuEnabled
Remove links and access to Windows UpdateEnabled
Remove Music icon from Start MenuEnabled
Remove Network Connections from Start MenuEnabled
Remove Network icon from Start MenuEnabled
Remove Pictures icon from Start MenuEnabled
Remove pinned programs list from the Start MenuEnabled
Remove programs on Settings menuEnabled
Remove Recent Items menu from Start MenuEnabled
Remove Run menu from Start MenuEnabled
Remove Search Computer linkEnabled
Remove Search link from Start MenuEnabled
Remove the networking iconEnabled
Remove user folder link from Start MenuEnabled
Show QuickLaunch on TaskbarDisabled
Turn off all balloon notificationsEnabled
Turn off notification area cleanupEnabled
System
PolicySettingComment
Do not display the Getting Started welcome screen at logonEnabled
Prevent access to registry editing toolsEnabled
Disable regedit from running silently?Yes
PolicySettingComment
Prevent access to the command promptEnabled
Disable the command prompt script processing also?No
System/Ctrl+Alt+Del Options
PolicySettingComment
Remove Task ManagerEnabled
System/Driver Installation
PolicySettingComment
Configure driver search locationsEnabled
Do not search floppy disk drivesEnabled
Do not search CD-ROM drivesEnabled
Do not search Windows UpdateEnabled
System/Folder Redirection
PolicySettingComment
Do not automatically make all redirected folders available offlineEnabled
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Desktop Gadgets
PolicySettingComment
Turn off desktop gadgetsEnabled
Windows Components/File Explorer
PolicySettingComment
Do not allow Folder Options to be opened from the Options button on the View tab of the ribbonEnabled
Do not display the Welcome Center at user logonEnabled
Hide these specified drives in My ComputerEnabled
Pick one of the following combinationsRestrict all drives
PolicySettingComment
Hides the Manage item on the File Explorer context menuEnabled
No Computers Near Me in Network LocationsEnabled
No Entire Network in Network LocationsEnabled
Prevent access to drives from My ComputerEnabled
Pick one of the following combinationsRestrict A, B, C and D drives only
PolicySettingComment
Remove "Map Network Drive" and "Disconnect Network Drive"Enabled
Remove File Explorer's default context menuEnabled
Remove File menu from File ExplorerEnabled
Remove Hardware tabEnabled
Remove Search button from File ExplorerEnabled
Remove Security tabEnabled
Remove Shared Documents from My ComputerEnabled
Turn off Windows+X hotkeysEnabled
Windows Components/Instant Search
PolicySettingComment
Custom Instant Search Internet search providerEnabled
The string or DLL resource from which to load the string shown in the Instant Search menu.Google
The URL to use when invoking the custom Internet search, with the search term indicated by "%w".http://www.google.com/search?q=%w
Windows Components/Internet Explorer
PolicySettingComment
Configure Media Explorer BarEnabled
Disable the Media Explorer Bar and auto-play featureEnabled
Auto-Play Media files in the Media bar when enabledDisabled
PolicySettingComment
Disable AutoComplete for formsEnabled
Disable changing Advanced page settingsEnabled
Disable changing Automatic Configuration settingsEnabled
Disable changing Calendar and Contact settingsEnabled
Disable changing certificate settingsEnabled
Disable changing color settingsEnabled
Disable changing connection settingsEnabled
Disable changing default browser checkEnabled
Disable changing font settingsEnabled
Disable changing home page settingsEnabled
Home Pagehttp://www.google.com
PolicySettingComment
Disable changing language settingsEnabled
Disable changing link color settingsEnabled
Disable changing Messaging settingsEnabled
Disable changing Profile Assistant settingsEnabled
Disable changing ratings settingsEnabled
Disable changing Temporary Internet files settingsEnabled
Disable external branding of Internet ExplorerEnabled
Disable Internet Connection wizardEnabled
Disable the Reset Web Settings featureEnabled
Do not allow users to enable or disable add-onsEnabled
Identity Manager: Prevent users from using IdentitiesEnabled
Prevent "Fix settings" functionalityEnabled
Prevent access to Internet Explorer HelpEnabled
Prevent changing proxy settingsEnabled
Prevent Internet Explorer Search box from appearingEnabled
Prevent managing the phishing filterEnabled
Select phishing filter modeAutomatic
PolicySettingComment
Prevent participation in the Customer Experience Improvement ProgramEnabled
Prevent running First Run wizardEnabled
Select your choiceGo directly to home page
PolicySettingComment
Turn off configuration of pop-up windows in tabbed browsingEnabled
Select tabbed browsing pop-up behaviorLet Internet Explorer decide
PolicySettingComment
Turn off Crash DetectionEnabled
Turn off the Security Settings Check featureEnabled
Windows Components/Internet Explorer/Browser menus
PolicySettingComment
Disable Save this program to disk optionEnabled
File menu: Disable New menu optionEnabled
File menu: Disable Open menu optionEnabled
File menu: Disable Save As Web Page CompleteEnabled
File menu: Disable Save As... menu optionEnabled
Help menu: Remove 'For Netscape Users' menu optionEnabled
Help menu: Remove 'Send Feedback' menu optionEnabled
Help menu: Remove 'Tip of the Day' menu optionEnabled
Help menu: Remove 'Tour' menu optionEnabled
Tools menu: Disable Internet Options... menu optionDisabled
Turn off Shortcut MenuEnabled
View menu: Disable Source menu optionEnabled
Windows Components/Internet Explorer/Delete Browsing History
PolicySettingComment
Prevent the deletion of temporary Internet files and cookiesDisabled
Windows Components/Internet Explorer/Internet Control Panel
PolicySettingComment
Disable the Advanced pageEnabled
Disable the Connections pageEnabled
Disable the Content pageEnabled
Disable the General pageEnabled
Disable the Privacy pageEnabled
Disable the Programs pageEnabled
Disable the Security pageEnabled
Windows Components/Internet Explorer/Internet Control Panel/Advanced Page
PolicySettingComment
Do not allow resetting Internet Explorer settingsEnabled
Windows Components/Internet Explorer/Internet Settings/Advanced settings/Searching
PolicySettingComment
Prevent configuration of search on Address barEnabled
When searching from the address bar:Do not search from the address bar
Windows Components/Internet Explorer/Security Features/Add-on Management
PolicySettingComment
Add-on ListEnabled
Add-on List 
{233C1507-6A77-46A4-9443-F871F945D258}1
{D27CDB6E-AE6D-11CF-96B8-444553540000}1
Windows Components/Internet Explorer/Toolbars
PolicySettingComment
Turn off toolbar upgrade toolEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins
PolicySettingComment
Server ManagerDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Device and Resource Redirection
PolicySettingComment
Allow time zone redirectionEnabled
Do not allow Clipboard redirectionEnabled
Windows Components/Task Scheduler
PolicySettingComment
Prevent Task Run or EndEnabled
Prohibit New Task CreationEnabled
Windows Components/Windows Error Reporting
PolicySettingComment
Disable Windows Error ReportingEnabled
Windows Components/Windows Mail
PolicySettingComment
Turn off Windows Mail applicationEnabled
Windows Components/Windows Media Center
PolicySettingComment
Do not allow Windows Media Center to runEnabled
Windows Components/Windows Messenger
PolicySettingComment
Do not allow Windows Messenger to be runEnabled
Windows Components/Windows SideShow
PolicySettingComment
Turn off Windows SideShowEnabled
Windows Components/Windows Update
PolicySettingComment
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog boxEnabled
Remove access to use all Windows Update featuresEnabled
Configure notifications: 
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker1
Server.UK.NoLocalAdmin
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Server.UK.NoLocalAdmin
Data collected on: 23/04/2025 10:47:20
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/09/2013 05:39:54
Modified15/09/2020 22:06:04
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{A627F12F-797C-4F1C-A488-FCD066F1C49B}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Restricted ServersNoEnabledbfl.local/Accounts Computer/Servers/Restricted Servers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-61693
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-61693Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit object accessSuccess, Failure
User Configuration (Disabled)
No settings defined.
BFL Thin PC account
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Thin PC account
Data collected on: 23/04/2025 10:47:20
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created16/10/2013 08:02:44
Modified15/09/2020 22:06:30
User Revisions55 (AD), 55 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{7ED7B715-E51F-491D-876C-81DD293537F5}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
Thin PCNoEnabledbfl.local/Accounts Service/Applications And Systems/Infrastructure/Thin PC

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\beaztpc
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\beaztpcRead (from Security Filtering)No
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Add or Remove Programs
PolicySettingComment
Remove Add or Remove ProgramsEnabled
Control Panel/Personalization
PolicySettingComment
Password protect the screen saverDisabled
Desktop
PolicySettingComment
Remove My Documents icon on the desktopEnabled
Remove Recycle Bin icon from desktopEnabled
Desktop/Desktop
PolicySettingComment
Desktop WallpaperEnabled
Wallpaper Name:C:\Windows\Web\Wallpaper\beazley_desktop_fencing.bmp
Example: Using a local path: C:\windows\web\wallpaper\home.jpg
Example: Using a UNC path: \\Server\Share\Corp.jpg
Wallpaper Style:Center
Remote Desktop Services
PolicySettingComment
Remove Administrative Tools From The Start MenuEnabled
Turn Start Menu Administrative Tools:Off
Start Menu and Taskbar
PolicySettingComment
Do not display any custom toolbars in the taskbarEnabled
Do not keep history of recently opened documentsEnabled
Remove Balloon Tips on Start Menu itemsEnabled
Remove Default Programs link from the Start menu.Enabled
Remove Documents icon from Start MenuEnabled
Remove Downloads link from Start MenuEnabled
Remove Favorites menu from Start MenuEnabled
Remove frequent programs list from the Start MenuEnabled
Remove Games link from Start MenuEnabled
Remove Help menu from Start MenuEnabled
Remove Homegroup link from Start MenuEnabled
Remove Logoff on the Start MenuEnabled
Remove Music icon from Start MenuEnabled
Remove Pictures icon from Start MenuEnabled
Remove pinned programs from the TaskbarEnabled
Remove programs on Settings menuEnabled
Remove Run menu from Start MenuEnabled
Remove Search Computer linkEnabled
Remove Search link from Start MenuEnabled
Remove the Security and Maintenance iconEnabled
Remove user name from Start MenuEnabled
Remove Videos link from Start MenuEnabled
Show QuickLaunch on TaskbarDisabled
Turn off notification area cleanupEnabled
Turn off user trackingEnabled
Windows Components/Desktop Gadgets
PolicySettingComment
Turn off desktop gadgetsEnabled
Default User Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default User Policy 1.0
Data collected on: 23/04/2025 10:47:21
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/10/2013 11:31:26
Modified15/09/2020 22:06:30
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{B9FBDDE8-3897-46E3-A441-B7EE7FD64B93}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Internet Explorer Maintenance
Browser User Interface/Customized Title Bar
Title Bar Text
Beazley IT
URLs/Important URLs
NameURL
Home page URLhttp://intranet.beazley.com/
Search bar URLhttp://www.google.com/
Online support page URLNot configured
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Article 961112 Policy Settings/Outlook Anywhere (RPC/HTTP)
PolicySettingComment
RPC/HTTP Connection FlagsEnabled
Select a combination of RPC/HTTP connection flags. (see Explain tab for details)No Flags
Citrix Components/Citrix Workspace/User authentication
PolicySettingComment
Kerberos authenticationEnabled
Local user name and passwordEnabled
Enable pass-through authenticationEnabled
Allow pass-through authentication for all ICA connectionsEnabled
Use Novell Directory Server credentialsDisabled
Control Panel
PolicySettingComment
Hide specified Control Panel itemsEnabled
List of disallowed Control Panel items
appwiz.cpl
hdwwiz.cpl
nusrmgr.cpl
sysdm.cpl
Desktop
PolicySettingComment
Prohibit User from manually redirecting Profile FoldersEnabled
Remove Properties from the Computer icon context menuEnabled
Remove Properties from the Documents icon context menuEnabled
Desktop/Desktop
PolicySettingComment
Disable Active DesktopEnabled
Disallows HTML and Jpg Wallpaper
Microsoft Excel 2010/Excel Options/Security
PolicySettingComment
Force file extension to match file typeEnabled
Allow different
Microsoft Excel 2010/Excel Options/Security/Trust Center/Trusted Locations
PolicySettingComment
Trusted Location #1Enabled
Path:R:\Beazley USA\Specialty Lines\Admitted Product Documents\Rating Sheets\AE
Date:7/12/11
Description:REL002204
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #2Enabled
Path:\\FARLIVFS01\Public\Beazley USA\Specialty Lines\Admitted Product Documents\Rating Sheets\AE
Date:24/11/2011
Description:REL002204
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #3Enabled
Path:P:\source docs\
Date:24/11/2011
Description:First State Source Macro's
Allow sub folders:Disabled
Microsoft Office 2007 system/Improved Error Reporting
PolicySettingComment
Disable reporting of error messagesEnabled
Disable reporting of non-critical errorsEnabled
Microsoft Office 2007 system/Privacy/Trust Center
PolicySettingComment
Automatically receive small updates to improve reliabilityDisabled
Disable Opt-in Wizard on first runEnabled
Enable Customer Experience Improvement ProgramDisabled
Microsoft Office 2007 system/Shared paths
PolicySettingComment
Workgroup templates pathEnabled
Workgroup templates path\\w2kfileserver\groups\CrossBusiness\Templates
Microsoft Office 2010/Disable Items in User Interface
PolicySettingComment
Disable commands under File tab | HelpEnabled
Office AssistantDisabled
Getting StartedDisabled
Contact UsDisabled
Office CenterDisabled
Take Office With YouDisabled
Check for UpdatesEnabled
Microsoft Office 2010/Improved Error Reporting
PolicySettingComment
Stop reporting error messagesEnabled
Stop reporting non-critical errorsEnabled
Microsoft Office 2010/Miscellaneous
PolicySettingComment
Suppress recommended settings dialogEnabled
Microsoft Office 2010/Privacy/Trust Center
PolicySettingComment
Disable Opt-in Wizard on first runDisabled
Enable Customer Experience Improvement ProgramDisabled
Microsoft Office 2010/Shared paths
PolicySettingComment
Workgroup templates pathEnabled
Workgroup templates path\\w2kfileserver\groups\CrossBusiness\Templates
Microsoft Office Excel 2007/Excel Options/Security
PolicySettingComment
Force file extension to match file typeEnabled
Allow different
Microsoft Office Excel 2007/Excel Options/Security/Trust Center/Trusted Locations
PolicySettingComment
Trusted Location #1Enabled
Path: R:\Beazley USA\Specialty Lines\Admitted Product Documents\Rating Sheets\AE
Date:30/10/09
Description:REL002204
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #2Enabled
Path:\\FARLIVFS01\Public\Beazley USA\Specialty Lines\Admitted Product Documents\Rating Sheets\AE
Date:30/10/09
Description:REL002204
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #3Enabled
Path:p:\source docs\
Date:27/07/2010
Description:First State Source Macro's
Allow sub folders:Disabled
Microsoft Office Outlook 2007/Tools | Account Settings/Exchange
PolicySettingComment
Configure Outlook Anywhere user interface optionsEnabled
Choose UI State when OS can support feature:Disable but show all config UI
Microsoft Office Outlook 2007/Tools | Account Settings/Exchange/Cached Exchange Mode
PolicySettingComment
Cached Exchange Mode (File | Cached Exchange Mode)Enabled
Select Cached Exchange Mode for new profilesDownload Full Items
PolicySettingComment
Download Public Folder FavoritesDisabled
Download shared non-mail foldersDisabled
Use Cached Exchange Mode for new and existing Outlook profilesEnabled
Microsoft Office Outlook 2007/Tools | Account Settings/RSS Feeds
PolicySettingComment
Turn off RSS featureEnabled
Microsoft Office Outlook 2007/Tools | Options.../Other/AutoArchive
PolicySettingComment
AutoArchive SettingsDisabled
Microsoft Office Outlook 2007/Tools | Options.../Other/Person Names
PolicySettingComment
Display online status on a person nameEnabled
Display online presence: Everywhere
Microsoft Office Outlook 2007/Tools | Options.../Preferences/Calendar Options/Free/Busy Options
PolicySettingComment
OptionsEnabled
Months of Free/Busy information published:4
Prevent users from changing Months of Free/Busy informationEnabled
being published
Free/Busy updated on the server every xxx seconds:900
Microsoft Office Outlook 2007/Tools | Options.../Preferences/Junk E-mail
PolicySettingComment
Junk E-mail protection levelEnabled
Select level:No Protection
Microsoft Office Outlook 2007/Tools | Options.../Preferences/Search Options
PolicySettingComment
Prevent installation prompts when Windows Desktop Search component is not presentEnabled
Microsoft Outlook 2010/Account Settings/Exchange
PolicySettingComment
Configure Outlook Anywhere user interface optionsEnabled
Choose UI State when OS can support feature:Disable but show all config UI
PolicySettingComment
RPC/HTTP Connection FlagsEnabled
Select a combination of RPC/HTTP connection flags. (see Explain tab for details)No Flags
Microsoft Outlook 2010/Account Settings/Exchange/Cached Exchange Mode
PolicySettingComment
Cached Exchange Mode (File | Cached Exchange Mode)Enabled
Select Cached Exchange Mode for new profilesDownload Full Items
PolicySettingComment
Download Public Folder FavoritesDisabled
Download shared non-mail foldersDisabled
Microsoft Outlook 2010/Account Settings/Exchange/Offline Address Book
PolicySettingComment
Use only OAB v4Enabled
Microsoft Outlook 2010/Account Settings/RSS Feeds
PolicySettingComment
Turn off RSS featureEnabled
Microsoft Outlook 2010/Outlook Options/Other/AutoArchive
PolicySettingComment
AutoArchive SettingsDisabled
Microsoft Outlook 2010/Outlook Options/Preferences/Calendar Options/Free/Busy Options
PolicySettingComment
OptionsEnabled
Months of Free/Busy information published:4
Prevent users from changing Months of Free/Busy information being publishedEnabled
Free/Busy updated on the server every xxx seconds:900
Microsoft Outlook 2010/Outlook Options/Preferences/Junk E-mail
PolicySettingComment
Junk E-mail protection levelEnabled
Select level:No Protection
Microsoft Outlook 2010/Outlook Options/Preferences/Search Options
PolicySettingComment
Prevent installation prompts when Windows Desktop Search component is not presentEnabled
Start Menu and Taskbar
PolicySettingComment
Remove Music icon from Start MenuEnabled
Remove Pictures icon from Start MenuEnabled
Remove the Security and Maintenance iconEnabledApplied by C.Cardoso - 09/08/13
System
PolicySettingComment
Do not display the Getting Started welcome screen at logonEnabled
Prevent access to registry editing toolsEnabled
Disable regedit from running silently?No
PolicySettingComment
Prevent access to the command promptEnabled
Disable the command prompt script processing also?No
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:CD-ROM and removable media drives
Windows Components/File Explorer
PolicySettingComment
Hide these specified drives in My ComputerEnabled
Pick one of the following combinationsRestrict A, B and C drives only
PolicySettingComment
Prevent access to drives from My ComputerEnabled
Pick one of the following combinationsRestrict A, B and C drives only
PolicySettingComment
Remove Hardware tabEnabled
Request credentials for network installationsEnabled
Windows Components/Internet Explorer
PolicySettingComment
Disable caching of Auto-Proxy scriptsEnabled
Prevent managing the phishing filterEnabled
Select phishing filter modeAutomatic
PolicySettingComment
Prevent participation in the Customer Experience Improvement ProgramEnabled
Prevent running First Run wizardEnabled
Select your choiceGo directly to home page
Windows Components/Internet Explorer/Internet Settings/Advanced settings/Browsing
PolicySettingComment
Turn off details in messages about Internet connection problemsEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins
PolicySettingComment
.Net Framework ConfigurationDisabled
Active Directory Domains and TrustsDisabled
Active Directory Sites and ServicesDisabled
Active Directory Users and ComputersDisabled
ActiveX ControlDisabled
ADSI EditDisabled
Certificate TemplatesDisabled
CertificatesDisabled
Certification AuthorityDisabled
Component ServicesDisabled
Computer ManagementDisabled
Disk DefragmenterDisabled
Disk ManagementDisabled
Distributed File SystemDisabled
FrontPage Server ExtensionsDisabled
Internet Authentication Service (IAS)Disabled
Internet Information ServicesDisabled
IP Security MonitorDisabled
Local Users and GroupsDisabled
Remote Desktop Services ConfigurationDisabled
Remote DesktopsDisabled
Removable Storage ManagementDisabled
Routing and Remote AccessDisabled
Security Configuration and AnalysisDisabled
Security TemplatesDisabled
ServicesDisabled
TelephonyDisabled
Wireless MonitorDisabled
WMI ControlDisabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Extension snap-ins
PolicySettingComment
Device ManagerDisabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Group Policy
PolicySettingComment
Group Policy ManagementDisabled
Group Policy Object EditorDisabled
Group Policy tab for Active Directory ToolsDisabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Group Policy/Group Policy snap-in extensions
PolicySettingComment
IP Security Policy ManagementDisabled
Windows Components/Search
PolicySettingComment
Default excluded pathsEnabled
Default Excluded Paths
outlookexpress://{*}/*
Windows Components/Task Scheduler
PolicySettingComment
Prohibit New Task CreationEnabled
Prohibit Task DeletionEnabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker1
Preferences
Windows Settings
Files
File (Target Path: %userprofile%\application data\Microsoft\Templates\Normal.dotm)
Normal.dotm (Order: 1)
General
ActionReplace
Properties
Source file(s)\\bfl.local\netlogon\Normal.dotm
Destination file%userprofile%\application data\Microsoft\Templates\Normal.dotm
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyYes
File (Target Path: %userprofile%\application data\Microsoft\templates\document themes\Default Theme.thmx)
Default Theme.thmx (Order: 2)
General
ActionReplace
Properties
Source file(s)\\bfl.local\netlogon\Default Theme.thmx
Destination file%userprofile%\application data\Microsoft\templates\document themes\Default Theme.thmx
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Folders
Folder (Path: C:\Documents and Settings\%username%\application data\microsoft\Templates/Document Themes)
Templates/Document Themes (Order: 1)
General
ActionUpdate
Attributes
PathC:\Documents and Settings\%username%\application data\microsoft\Templates/Document Themes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Registry
AutoEndTasks (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Desktop
Value nameAutoEndTasks
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Trusted Sites Policy Prod 4.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Trusted Sites Policy Prod 4.0
Data collected on: 23/04/2025 10:47:21
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created27/11/2013 14:23:22
Modified15/09/2020 22:06:54
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{745E07DD-DA90-4BF1-B4F6-4C8D149B8509}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Internet Explorer Maintenance
URLs/Important URLs
NameURL
Home page URLhttp://intranet.beazley.com/
Search bar URLNot configured
Online support page URLNot configured
Security/Security Zones and Content Ratings
Security Zones and Privacy
These settings will not apply to users that log on to computers that have the Internet Explorer Enhanced Security Configuration (ESC) enabled. To create settings for users on computers that have ESC enabled, create a new GPO and edit that GPO on a computer where ESC is enabled.
Internet (Security Level: Medium-high)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching applications and unsafe filesPrompt
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Software channel permissionsMedium safety
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Local intranet (Security Level: Medium-low)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsMedium safety
Miscellaneous
Access data sources across domainsPrompt
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsEnable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching applications and unsafe filesEnable
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsEnable
Software channel permissionsMedium safety
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptEnable
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Sites
Require server verification (https:) for all sites in this zoneDisabled
Include all local (intranet) sites not listed in other zonesDisabled
Include all sites that bypass the proxy serverDisabled
Include all network paths (UNCs)Disabled
Sites in this zone
aldlivpx02
aldlivpx03
collaboration.beazley.com
collaboration-sys.beazley.com
collaboration-uat.beazley.com
evault.bfl.local
farlivap02
farlivap03
farlivap04
file://*.bfl.local/
http://citrix/
intranet-prd.beazley.com
intranet-sys.beazley.com
intranet-uat.beazley.com
myprofile.beazley.com
myprofile-sys.beazley.com
myprofile-uat.beazley.com
ukproxy
usproxy
vault.bfl.local
Trusted sites (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching applications and unsafe filesEnable
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Software channel permissionsMedium safety
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Sites
Require server verification (https:) for all sites in this zoneDisabled
Sites in this zone
http://*.beazleypro.com/
http://*.bfl.local/
http://*.lumesse.com/
http://151.115.232.123/
http://admin.beazleytrade.com/
http://aldlivap01/
http://beazley.edvantage.net/
http://beazleypro-apm/
http://beazleypro-cfg/
http://beazleypro-config/
http://beazleypro-config-apm/
http://beazleypro-config-cfg/
http://beazleypro-config-mof/
http://beazleypro-config-sys/
http://beazleypro-config-uat/
http://beazleypromof/
http://beazleypro-sys/
http://beazleypro-uat/
http://bic.beazley.com/
http://bic/
http://bicsys.beazley.com/
http://bicuat.beazley.com/
http://crm.beazleypro.com/
http://efix.beazleytrade.com/
http://intranet.beazley.com/
http://modeloffice.jobtraq.beazleydev.local/
http://preprod.beazleytrade.com/
http://prod.beazleyclaimcenter.com/
http://prod.beazleytrade.com/
http://secretserver/
http://sharepoint01/
http://sharepoint01services/
http://sharepoint01servicessys/
http://sharepoint01servicesuat/
http://sharepoint01sys/
http://sharepoint01uat/
http://sharepoint02/
http://sharepoint02services/
http://sharepoint02servicessys/
http://sharepoint02servicesuat/
http://sharepoint02sys/
http://sharepoint02uat/
http://staging.beazleytrade.com/
http://uat.beazleyclaimcenter.com/
http://uat.beazleytrade.com/
http://ukprim022.bfl.local/
http://ukprim022/
http://websys.beazley.com/
http://webuat.beazley.com/
http://workflow.beazleypro.com/
http://www.adobe.com/
http://www.beazleygateway.com/
http://www.beazleytrade.com/
http://www.printplatform.co.uk/
https://dr.beazleygateway.com/
https://secure.edvantage.net/
https://sftemea.one.microsoft.com/
https://usa.beazleygateway.com/
https://www.beazleygateway.com/
https://www.beazleytrade.com/
Restricted sites (Security Level: High)
.NET Framework-reliant components
Run components not signed with AuthenticodeDisable
Run components signed with AuthenticodeDisable
ActiveX controls and plug-ins
Download signed ActiveX controlsDisable
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insDisable
Script ActiveX controls marked safe for scriptingDisable
Downloads
File downloadDisable
Font downloadDisable
Microsoft VM
Java permissionsDisable Java
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHDisable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesPrompt
Installation of desktop itemsDisable
Launching applications and unsafe filesDisable
Launching programs and files in an IFRAMEDisable
Navigate sub-frames across different domainsDisable
Software channel permissionsHigh safety
Submit nonencrypted form dataPrompt
Userdata persistenceDisable
Scripting
Active scriptingDisable
Allow paste operations via scriptDisable
Scripting of Java appletsDisable
User Authentication
LogonPrompt for user name and password
Sites
Sites in this zone
None
Privacy
Privacy LevelMedium
Web Sites
Always allowNone
Always blockNone
bfl.local_ADAuditPlusPolicy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
bfl.local_ADAuditPlusPolicy
Data collected on: 23/04/2025 10:47:22
General
Details
Domainbfl.local
OwnerBFL\Domain Admins
Created28/01/2014 14:33:34
Modified15/09/2020 22:07:38
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions6 (AD), 6 (SYSVOL)
Unique ID{DB25C7C1-8D0C-4DC2-A3E9-3108E9CB6C74}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
bflNoEnabledbfl.local
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\ADAuditPlusFS
BFL\UKPRFC004$
BFL\UKPRFC005$
BFL\UKPRFC006$
BFL\UKPRFC007$
S-1-5-21-58594938-1633628789-801526373-10095
S-1-5-21-58594938-1633628789-801526373-15169
S-1-5-21-58594938-1633628789-801526373-15172
S-1-5-21-58594938-1633628789-801526373-15262
S-1-5-21-58594938-1633628789-801526373-15769
S-1-5-21-58594938-1633628789-801526373-15783
S-1-5-21-58594938-1633628789-801526373-15784
S-1-5-21-58594938-1633628789-801526373-15785
S-1-5-21-58594938-1633628789-801526373-15786
S-1-5-21-58594938-1633628789-801526373-15926
S-1-5-21-58594938-1633628789-801526373-15977
S-1-5-21-58594938-1633628789-801526373-16036
S-1-5-21-58594938-1633628789-801526373-25835
S-1-5-21-58594938-1633628789-801526373-26050
S-1-5-21-58594938-1633628789-801526373-26969
S-1-5-21-58594938-1633628789-801526373-27664
S-1-5-21-58594938-1633628789-801526373-28709
S-1-5-21-58594938-1633628789-801526373-28749
S-1-5-21-58594938-1633628789-801526373-29007
S-1-5-21-58594938-1633628789-801526373-31712
S-1-5-21-58594938-1633628789-801526373-38468
S-1-5-21-58594938-1633628789-801526373-39945
S-1-5-21-58594938-1633628789-801526373-43083
S-1-5-21-58594938-1633628789-801526373-55743
S-1-5-21-58594938-1633628789-801526373-56646
S-1-5-21-58594938-1633628789-801526373-56647
S-1-5-21-58594938-1633628789-801526373-56677
S-1-5-21-58594938-1633628789-801526373-56765
S-1-5-21-58594938-1633628789-801526373-60623
S-1-5-21-58594938-1633628789-801526373-61883
S-1-5-21-58594938-1633628789-801526373-64130
S-1-5-21-58594938-1633628789-801526373-65165
S-1-5-21-58594938-1633628789-801526373-66843
S-1-5-21-58594938-1633628789-801526373-67692
S-1-5-21-58594938-1633628789-801526373-67718
S-1-5-21-58594938-1633628789-801526373-69956
S-1-5-21-58594938-1633628789-801526373-70894
S-1-5-21-58594938-1633628789-801526373-71293
S-1-5-21-58594938-1633628789-801526373-7329
S-1-5-21-58594938-1633628789-801526373-74001
S-1-5-21-58594938-1633628789-801526373-75318
S-1-5-21-58594938-1633628789-801526373-75604
S-1-5-21-58594938-1633628789-801526373-76898
S-1-5-21-58594938-1633628789-801526373-77583
S-1-5-21-58594938-1633628789-801526373-78080
S-1-5-21-58594938-1633628789-801526373-78589
S-1-5-21-58594938-1633628789-801526373-82153
S-1-5-21-58594938-1633628789-801526373-86136
S-1-5-21-58594938-1633628789-801526373-86645
S-1-5-21-58594938-1633628789-801526373-94655
S-1-5-21-58594938-1633628789-801526373-95100
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\ADAuditPlusFSRead (from Security Filtering)No
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\gpo.server.AD Audit Plus PolicyReadNo
BFL\Group Policy Creator OwnersEdit settings, delete, modify securityNo
BFL\UKPRFC004$Read (from Security Filtering)No
BFL\UKPRFC005$Read (from Security Filtering)No
BFL\UKPRFC006$Read (from Security Filtering)No
BFL\UKPRFC007$Read (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
S-1-5-21-58594938-1633628789-801526373-10095Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15169Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15172Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15262Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15769Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15783Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15784Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15785Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15786Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15926Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-15977Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-16036Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-25835Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-26050Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-26969Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-27664Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-28709Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-28749Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-29007Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-31712Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-38468Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-39945Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-43083Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-55743Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-56646Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-56647Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-56677Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-56765Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-60623Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-61883Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-64130Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-65165Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-66843Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-67692Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-67718Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-69956Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-70894Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-71293Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-7329Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-74001Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-75318Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-75604Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-76898Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-77583Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-78080Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-78589Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-82153Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-86136Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-86645Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-94655Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-95100Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit account managementSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess
Audit process trackingSuccess
Audit system eventsSuccess
Local Policies/Security Options
Other
PolicySetting
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsEnabled
Advanced Audit Configuration
Account Management
PolicySetting
Audit Computer Account ManagementSuccess
Audit Distribution Group ManagementSuccess
Audit Security Group ManagementSuccess
Audit User Account ManagementSuccess, Failure
Detailed Tracking
PolicySetting
Audit PNP ActivitySuccess, Failure
Audit Process CreationSuccess
Audit Process TerminationSuccess
Logon/Logoff
PolicySetting
Audit LogoffSuccess
Audit LogonSuccess, Failure
Audit Network Policy ServerSuccess, Failure
Audit Other Logon/Logoff EventsSuccess, Failure
Object Access
PolicySetting
Audit Application GeneratedSuccess, Failure
Audit Certification ServicesSuccess, Failure
Audit File ShareSuccess
Audit File SystemSuccess, Failure
Audit Handle ManipulationSuccess, Failure
Audit Other Object Access EventsSuccess
Audit Removable StorageSuccess, Failure
Policy Change
PolicySetting
Audit Audit Policy ChangeSuccess, Failure
Audit Authentication Policy ChangeSuccess
Audit Authorization Policy ChangeSuccess
System
PolicySetting
Audit Security State ChangeSuccess
Audit Security System ExtensionSuccess
User Configuration (Enabled)
No settings defined.
BFL TstServers-LocalAdmins
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL TstServers-LocalAdmins
Data collected on: 23/04/2025 10:47:22
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created19/02/2014 00:35:40
Modified15/09/2020 22:07:56
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{5115B5BE-CB19-4C91-A887-25C1EA1CD455}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
TestNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions/Test
TestNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions/Test
TestNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
S-1-5-21-58594938-1633628789-801526373-66337BUILTIN\Administrators
User Configuration (Enabled)
No settings defined.
GBL Custom Offline Folders
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Custom Offline Folders
Data collected on: 23/04/2025 10:47:22
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created27/06/2014 05:23:26
Modified15/09/2020 22:10:00
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{216F12E2-20EE-4A25-9B45-6046861DE961}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Offline Files
PolicySettingComment
Configure slow-link modeDisabled
Event logging levelEnabled
Enter [0-3]: 3
0 = Cache data corrupted
1 = Log 'server offline'
2 = Level 1 + log 'net stopped' and 'net started'
3 = Level 2 + log 'server available for reconnection'
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Offline Files
PolicySettingComment
Remove "Make Available Offline" commandEnabled
Specify administratively assigned Offline FilesEnabled
Specify network files and folders that are always available offline.
In the name field, type a fully-qualified UNC path for each file or folder.
Do not enter a value for the item.
Files and Folders:  
%homeshare%\Outlook_Secure_Temp
%homeshare%\Citrix
%homeshare%\Desktop
%homeshare%\My Documents
Server.GBL.BGinfo Install
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Server.GBL.BGinfo Install
Data collected on: 23/04/2025 10:47:22
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created14/03/2013 05:24:34
Modified15/09/2020 22:10:00
User Revisions3 (AD), 3 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{5AFE4F51-92EF-42EB-9E95-CB7809D0C4E7}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ServersNoDisabledbfl.local/Accounts Computer/Servers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Software Settings
Assigned Applications
BGInfo (PV1.01)
Product Information
NameBGInfo (PV1.01)
Version4.16
LanguageEnglish (United States)
Platformx86
Support URL
Deployment Information
GeneralSetting
Deployment typeAssigned
Deployment source\\bfl.local\netlogon\BGInfo PV101.msi
Uninstall this application when it falls out of the scope of managementDisabled

Advanced Deployment OptionsSetting
Ignore language when deploying this packageDisabled
Make this 32-bit X86 application available to Win64 computersEnabled
Include OLE class and product informationEnabled

Diagnostic InformationSetting
Product code{024986fd-ff9e-4886-a308-87191222701b}
Deployment Count0
Security
Permissions
TypeNamePermissionInherited
AllowBFL\Domain AdminsFull controlNo
AllowNT AUTHORITY\Authenticated UsersReadNo
AllowNT AUTHORITY\SYSTEMFull controlNo
AllowBFL\Domain AdminsReadYes
AllowBFL\Enterprise AdminsReadYes
AllowBFL\Group Policy Creator OwnersRead, WriteYes
AllowBFL\Group Policy Creator OwnersRead, WriteYes
AllowBFL\srv.AGPM.ProdRead, WriteYes
AllowBFL\srv.AGPM.ProdRead, WriteYes
AllowNT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadYes
AllowNT AUTHORITY\Authenticated UsersReadYes
AllowNT AUTHORITY\SYSTEMRead, WriteYes
AllowNT AUTHORITY\SYSTEMRead, WriteYes
Allow inheritable permissions from the parent to propagate to this object and all child objectsEnabled
Advanced
UpgradesSetting
Required upgrade for existing packagesEnabled
Packages that this package will upgradeGPO
None
Packages in the current GPO that will upgrade this packageNone

Categories
None

Transforms
None
User Configuration (Enabled)
Preferences
Windows Settings
Shortcuts
Shortcut (Path: C:\Temp)
Temp (Order: 1)
General
ActionUpdate
Attributes
Target typeFile system object
Shortcut pathC:\Temp
Target pathC:\Temp
Shortcut keyNone
RunNormal window
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
BFL RDP Idle session timeout
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL RDP Idle session timeout
Data collected on: 23/04/2025 10:47:22
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/07/2014 18:48:54
Modified15/09/2020 22:11:52
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions8 (AD), 8 (SYSVOL)
Unique ID{0E3A38F0-B017-492D-BBCF-F0B37B0AD159}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions
ServersNoEnabledbfl.local/Accounts Computer/Servers
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Singapore/Servers & Exceptions
Domain ControllersNoEnabledbfl.local/Domain Controllers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
S-1-5-21-58594938-1633628789-801526373-75453CustomNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
End session when time limits are reachedEnabled
Set time limit for active but idle Remote Desktop Services sessionsEnabledCreated to automatically logout idle RDP sessions after one day.
Idle session limit:1 day
User Configuration (Disabled)
No settings defined.
GBL Offline Files OPTIMIZATION
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Offline Files OPTIMIZATION
Data collected on: 23/04/2025 10:47:22
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/09/2014 16:15:28
Modified15/09/2020 22:11:52
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{2738D671-797C-4FCE-AFDA-2872072572FF}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
NY AppV 5 No SCS - Thick Client
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
NY AppV 5 No SCS - Thick Client
Data collected on: 23/04/2025 10:47:22
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/12/2013 03:37:08
Modified15/09/2020 22:12:18
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{20EEFB01-1FCE-4D20-9476-BC9331E25AAF}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
DesktopsNoDisabledbfl.local/Accounts Computer/Desktops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-66216
S-1-5-21-58594938-1633628789-801526373-69444
S-1-5-21-58594938-1633628789-801526373-71961
WMI Filtering
WMI Filter NameNY Computers - Appv
DescriptionNone
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-66216Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-69444Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-71961Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name USPRIM022
Publishing Server URL http://usprim022.bfl.local:8081
Global Publishing Refresh False
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 0
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Day
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 12
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeDisabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsAll
User Configuration (Disabled)
No settings defined.
UK AppV 5 No SCS -Thick Client
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK AppV 5 No SCS -Thick Client
Data collected on: 23/04/2025 10:47:22
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/04/2013 11:30:42
Modified15/09/2020 22:12:18
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions11 (AD), 11 (SYSVOL)
Unique ID{1FE29E5B-3C50-412F-9D39-757269CE0057}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
DesktopsNoDisabledbfl.local/Accounts Computer/Desktops
RMSNoDisabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-66216
S-1-5-21-58594938-1633628789-801526373-69444
S-1-5-21-58594938-1633628789-801526373-71961
WMI Filtering
WMI Filter NameUK Computers - Appv
DescriptionNone
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-66216Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-69444Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-71961Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh False
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 0
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Day
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://appvuk.bfl.local:8082
Reporting Time 12
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeDisabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsAll
User Configuration (Disabled)
No settings defined.
Default Developers
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default Developers
Data collected on: 23/04/2025 10:47:23
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created31/05/2013 00:13:04
Modified15/09/2020 22:13:06
User Revisions2 (AD), 0 (SYSVOL)
Computer Revisions43 (AD), 0 (SYSVOL)
Unique ID{CB539964-2B7D-4A31-81F3-624782490610}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Registry
An error has occurred while collecting data for Windows Registry.

The following errors were encountered:
An unknown error occurred while data was gathered for this extension. Details: Could not find a part of the path '\\UKPRDC011.bfl.local\sysvol\bfl.local\Policies\{CB539964-2B7D-4A31-81F3-624782490610}\Machine\Preferences\Registry\Registry.xml'.
Control Panel Settings
Local Users and Groups
An error has occurred while collecting data for Local Users and Groups.

The following errors were encountered:
An unknown error occurred while data was gathered for this extension. Details: Could not find a part of the path '\\UKPRDC011.bfl.local\sysvol\bfl.local\Policies\{CB539964-2B7D-4A31-81F3-624782490610}\Machine\Preferences\Groups\Groups.xml'.
User Configuration (Disabled)
No settings defined.
Default User Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default User Policy
Data collected on: 23/04/2025 10:47:23
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created29/02/2012 00:13:12
Modified15/09/2020 22:13:50
User Revisions69 (AD), 69 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{83F7B7F4-DC19-4271-9986-59212FC74719}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
Thin PCNoDisabledbfl.local/Accounts Service/Applications And Systems/Infrastructure/Thin PC
Accounts UserNoDisabledbfl.local/Accounts User
Support OperationsNoDisabledbfl.local/Accounts User/London/IT/Support Operations

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Internet Explorer Maintenance
Browser User Interface/Customized Title Bar
Title Bar Text
Beazley IT
URLs/Important URLs
NameURL
Home page URLhttp://intranet.beazley.com/
Search bar URLhttp://www.google.com/
Online support page URLNot configured
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Citrix Workspace/User authentication
PolicySettingComment
Local user name and passwordEnabled
Enable pass-through authenticationEnabled
Allow pass-through authentication for all ICA connectionsEnabled
Use Novell Directory Server credentialsDisabled
Control Panel
PolicySettingComment
Hide specified Control Panel itemsEnabled
List of disallowed Control Panel items
appwiz.cpl
hdwwiz.cpl
nusrmgr.cpl
sysdm.cpl
Desktop
PolicySettingComment
Remove Properties from the Computer icon context menuEnabled
Remove Properties from the Documents icon context menuEnabled
Desktop/Desktop
PolicySettingComment
Disable Active DesktopEnabled
Disallows HTML and Jpg Wallpaper
Microsoft Excel 2010/Excel Options/Security
PolicySettingComment
Force file extension to match file typeEnabled
Allow different
Microsoft Excel 2010/Excel Options/Security/Trust Center/Trusted Locations
PolicySettingComment
Trusted Location #1Enabled
Path:R:\Beazley USA\Specialty Lines\Admitted Product Documents\Rating Sheets\AE
Date:7/12/11
Description:REL002204
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #2Enabled
Path:\\FARLIVFS01\Public\Beazley USA\Specialty Lines\Admitted Product Documents\Rating Sheets\AE
Date:24/11/2011
Description:REL002204
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #3Enabled
Path:P:\source docs\
Date:24/11/2011
Description:First State Source Macro's
Allow sub folders:Disabled
Microsoft Office 2007 system/Improved Error Reporting
PolicySettingComment
Disable reporting of error messagesEnabled
Disable reporting of non-critical errorsEnabled
Microsoft Office 2007 system/Privacy/Trust Center
PolicySettingComment
Automatically receive small updates to improve reliabilityDisabled
Disable Opt-in Wizard on first runEnabled
Enable Customer Experience Improvement ProgramDisabled
Microsoft Office 2007 system/Shared paths
PolicySettingComment
Workgroup templates pathEnabled
Workgroup templates path\\w2kfileserver\groups\CrossBusiness\Templates
Microsoft Office 2010/Disable Items in User Interface
PolicySettingComment
Disable commands under File tab | HelpEnabled
Office AssistantDisabled
Getting StartedDisabled
Contact UsDisabled
Office CenterDisabled
Take Office With YouDisabled
Check for UpdatesEnabled
Microsoft Office 2010/Improved Error Reporting
PolicySettingComment
Stop reporting error messagesEnabled
Stop reporting non-critical errorsEnabled
Microsoft Office 2010/Miscellaneous
PolicySettingComment
Suppress recommended settings dialogEnabled
Microsoft Office 2010/Privacy/Trust Center
PolicySettingComment
Disable Opt-in Wizard on first runDisabled
Enable Customer Experience Improvement ProgramDisabled
Microsoft Office 2010/Shared paths
PolicySettingComment
Workgroup templates pathEnabled
Workgroup templates path\\w2kfileserver\groups\CrossBusiness\Templates
Microsoft Office Excel 2007/Excel Options/Security
PolicySettingComment
Force file extension to match file typeEnabled
Allow different
Microsoft Office Excel 2007/Excel Options/Security/Trust Center/Trusted Locations
PolicySettingComment
Trusted Location #1Enabled
Path: R:\Beazley USA\Specialty Lines\Admitted Product Documents\Rating Sheets\AE
Date:30/10/09
Description:REL002204
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #2Enabled
Path:\\FARLIVFS01\Public\Beazley USA\Specialty Lines\Admitted Product Documents\Rating Sheets\AE
Date:30/10/09
Description:REL002204
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #3Enabled
Path:p:\source docs\
Date:27/07/2010
Description:First State Source Macro's
Allow sub folders:Disabled
Microsoft Office Outlook 2007/Tools | Account Settings/Exchange
PolicySettingComment
Configure Outlook Anywhere user interface optionsEnabled
Choose UI State when OS can support feature:Disable but show all config UI
Microsoft Office Outlook 2007/Tools | Account Settings/Exchange/Cached Exchange Mode
PolicySettingComment
Cached Exchange Mode (File | Cached Exchange Mode)Enabled
Select Cached Exchange Mode for new profilesDownload Full Items
PolicySettingComment
Download Public Folder FavoritesDisabled
Download shared non-mail foldersDisabled
Use Cached Exchange Mode for new and existing Outlook profilesEnabled
Microsoft Office Outlook 2007/Tools | Account Settings/RSS Feeds
PolicySettingComment
Turn off RSS featureEnabled
Microsoft Office Outlook 2007/Tools | Options.../Other/AutoArchive
PolicySettingComment
AutoArchive SettingsDisabled
Microsoft Office Outlook 2007/Tools | Options.../Other/Person Names
PolicySettingComment
Display online status on a person nameEnabled
Display online presence: Everywhere
Microsoft Office Outlook 2007/Tools | Options.../Preferences/Calendar Options/Free/Busy Options
PolicySettingComment
OptionsEnabled
Months of Free/Busy information published:4
Prevent users from changing Months of Free/Busy informationEnabled
being published
Free/Busy updated on the server every xxx seconds:900
Microsoft Office Outlook 2007/Tools | Options.../Preferences/Junk E-mail
PolicySettingComment
Junk E-mail protection levelEnabled
Select level:No Protection
Microsoft Office Outlook 2007/Tools | Options.../Preferences/Search Options
PolicySettingComment
Prevent installation prompts when Windows Desktop Search component is not presentEnabled
Microsoft Outlook 2010/Account Settings/Exchange
PolicySettingComment
Configure Outlook Anywhere user interface optionsEnabled
Choose UI State when OS can support feature:All config UI enabled
Microsoft Outlook 2010/Account Settings/Exchange/Cached Exchange Mode
PolicySettingComment
Cached Exchange Mode (File | Cached Exchange Mode)Enabled
Select Cached Exchange Mode for new profilesDownload Full Items
PolicySettingComment
Download Public Folder FavoritesDisabled
Download shared non-mail foldersDisabled
Microsoft Outlook 2010/Account Settings/Exchange/Offline Address Book
PolicySettingComment
Use only OAB v4Enabled
Microsoft Outlook 2010/Account Settings/RSS Feeds
PolicySettingComment
Turn off RSS featureEnabled
Microsoft Outlook 2010/Outlook Options/Other/AutoArchive
PolicySettingComment
AutoArchive SettingsDisabled
Microsoft Outlook 2010/Outlook Options/Preferences/Calendar Options/Free/Busy Options
PolicySettingComment
OptionsEnabled
Months of Free/Busy information published:4
Prevent users from changing Months of Free/Busy information being publishedEnabled
Free/Busy updated on the server every xxx seconds:900
Microsoft Outlook 2010/Outlook Options/Preferences/Junk E-mail
PolicySettingComment
Junk E-mail protection levelEnabled
Select level:No Protection
Microsoft Outlook 2010/Outlook Options/Preferences/Search Options
PolicySettingComment
Prevent installation prompts when Windows Desktop Search component is not presentEnabled
Start Menu and Taskbar
PolicySettingComment
Remove Music icon from Start MenuEnabled
Remove Pictures icon from Start MenuEnabled
Remove the Security and Maintenance iconEnabledApplied by C.Cardoso - 09/08/13
System
PolicySettingComment
Do not display the Getting Started welcome screen at logonEnabled
Prevent access to registry editing toolsEnabled
Disable regedit from running silently?No
PolicySettingComment
Prevent access to the command promptEnabled
Disable the command prompt script processing also?No
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:CD-ROM and removable media drives
Windows Components/File Explorer
PolicySettingComment
Hide these specified drives in My ComputerEnabled
Pick one of the following combinationsRestrict A, B and C drives only
PolicySettingComment
Prevent access to drives from My ComputerEnabled
Pick one of the following combinationsRestrict A, B and C drives only
PolicySettingComment
Remove Hardware tabEnabled
Request credentials for network installationsEnabled
Windows Components/Internet Explorer
PolicySettingComment
Disable caching of Auto-Proxy scriptsEnabled
Prevent managing the phishing filterEnabled
Select phishing filter modeAutomatic
PolicySettingComment
Prevent participation in the Customer Experience Improvement ProgramEnabled
Prevent running First Run wizardEnabled
Select your choiceGo directly to home page
Windows Components/Internet Explorer/Internet Settings/Advanced settings/Browsing
PolicySettingComment
Turn off details in messages about Internet connection problemsEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins
PolicySettingComment
.Net Framework ConfigurationDisabled
Active Directory Domains and TrustsDisabled
Active Directory Sites and ServicesDisabled
Active Directory Users and ComputersDisabled
ActiveX ControlDisabled
ADSI EditDisabled
Certificate TemplatesDisabled
CertificatesDisabled
Certification AuthorityDisabled
Component ServicesDisabled
Computer ManagementDisabled
Disk DefragmenterDisabled
Disk ManagementDisabled
Distributed File SystemDisabled
FrontPage Server ExtensionsDisabled
Internet Authentication Service (IAS)Disabled
Internet Information ServicesDisabled
IP Security MonitorDisabled
Local Users and GroupsDisabled
Remote Desktop Services ConfigurationDisabled
Remote DesktopsDisabled
Removable Storage ManagementDisabled
Routing and Remote AccessDisabled
Security Configuration and AnalysisDisabled
Security TemplatesDisabled
ServicesDisabled
TelephonyDisabled
Wireless MonitorDisabled
WMI ControlDisabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Extension snap-ins
PolicySettingComment
Device ManagerDisabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Group Policy
PolicySettingComment
Group Policy ManagementDisabled
Group Policy Object EditorDisabled
Group Policy tab for Active Directory ToolsDisabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins/Group Policy/Group Policy snap-in extensions
PolicySettingComment
IP Security Policy ManagementDisabled
Windows Components/Search
PolicySettingComment
Default excluded pathsEnabled
Default Excluded Paths
outlookexpress://{*}/*
Windows Components/Task Scheduler
PolicySettingComment
Prohibit New Task CreationEnabled
Prohibit Task DeletionEnabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker1
Preferences
Windows Settings
Files
File (Target Path: %userprofile%\application data\Microsoft\Templates\Normal.dotm)
Normal.dotm (Order: 1)
General
ActionReplace
Properties
Source file(s)\\bfl.local\netlogon\Normal.dotm
Destination file%userprofile%\application data\Microsoft\Templates\Normal.dotm
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyYes
File (Target Path: %userprofile%\application data\Microsoft\templates\document themes\Default Theme.thmx)
Default Theme.thmx (Order: 2)
General
ActionReplace
Properties
Source file(s)\\bfl.local\netlogon\Default Theme.thmx
Destination file%userprofile%\application data\Microsoft\templates\document themes\Default Theme.thmx
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Folders
Folder (Path: C:\Documents and Settings\%username%\application data\microsoft\Templates/Document Themes)
Templates/Document Themes (Order: 1)
General
ActionUpdate
Attributes
PathC:\Documents and Settings\%username%\application data\microsoft\Templates/Document Themes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Registry
AutoEndTasks (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Desktop
Value nameAutoEndTasks
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Restart Notification Script
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Restart Notification Script
Data collected on: 23/04/2025 10:47:23
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created24/06/2015 21:08:22
Modified15/09/2020 22:17:12
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{B5F11391-B25C-47F0-89BC-CD680E297BF5}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
Default Domain Firewall Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default Domain Firewall Policy 1.0
Data collected on: 23/04/2025 10:47:23
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created11/05/2015 11:54:44
Modified15/09/2020 22:21:32
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{7B1759F4-BC0F-4DB7-9082-3D78DC0BDB99}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions
ServersNoEnabledbfl.local/Accounts Computer/Servers
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Singapore/Servers & Exceptions

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.10
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Private Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Public Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Inbound Rules
NameDescription
Windows Remote Management (HTTP-In)Inbound rule for Windows Remote Management via WS-Management. [TCP 5985]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port5985
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupWindows Remote Management (Compatibility)
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Network Connections/Windows Firewall/Domain Profile
PolicySettingComment
Windows Firewall: Protect all network connectionsDisabled
User Configuration (Enabled)
No settings defined.
BFL Screen Saver Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Screen Saver Policy
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created29/08/2006 13:56:48
Modified15/09/2020 22:22:22
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{B14A5772-73B1-4B90-A578-B4230D257468}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
bflNoEnabledbfl.local
IT Support AccountsNoEnabledbfl.local/Accounts Privileged/IT Support Accounts
TestNoEnabledbfl.local/Accounts User/Farmington/IT/Test

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\lockingCustomNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Password protect the screen saverEnabled
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:600
BFL UAC implementation
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL UAC implementation
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created11/03/2016 03:01:12
Modified15/09/2020 22:23:22
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{D5756C7F-73A3-4E0C-8B5D-87294AFDFE1E}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
DesktopsNoDisabledbfl.local/Accounts Computer/Desktops
RMSNoDisabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-91110
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-91110Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
User Account Control
PolicySetting
User Account Control: Admin Approval Mode for the Built-in Administrator accountEnabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktopDisabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModePrompt for credentials on the secure desktop
User Account Control: Behavior of the elevation prompt for standard usersPrompt for credentials on the secure desktop
User Account Control: Detect application installations and prompt for elevationEnabled
User Account Control: Only elevate executables that are signed and validatedDisabled
User Account Control: Only elevate UIAccess applications that are installed in secure locationsEnabled
User Account Control: Run all administrators in Admin Approval ModeEnabled
User Account Control: Switch to the secure desktop when prompting for elevationEnabled
User Account Control: Virtualize file and registry write failures to per-user locationsEnabled
User Configuration (Disabled)
No settings defined.
Citrix VDA Non-Admin Users (lockdown)
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix VDA Non-Admin Users (lockdown)
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created01/04/2016 14:56:18
Modified15/09/2020 22:23:42
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{4ABA730C-2D84-4353-A7B5-B13B282D1D91}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Rol.Sec_DesktopInfraCustomNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
MBAM Desktop Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
MBAM Desktop Policy 1.0
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created08/04/2016 14:53:58
Modified15/09/2020 22:23:48
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{97692BFB-0831-47C4-BEA7-987729094FC2}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
MBAM Removable Media Writers Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
MBAM Removable Media Writers Policy 1.0
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created08/04/2016 14:55:56
Modified15/09/2020 22:23:48
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{392A853E-8C2D-4F80-A19D-5BE7332B8E6E}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
BFL Loopback Processing (Merge)
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Loopback Processing (Merge)
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created20/04/2016 11:15:40
Modified15/09/2020 22:24:00
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{A2B9BAE6-08AA-415E-9441-3AA014803104}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Merge
User Configuration (Enabled)
No settings defined.
Default Thin PC Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default Thin PC Policy 1.0
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created23/09/2013 11:33:56
Modified15/09/2020 22:24:36
User Revisions51 (AD), 0 (SYSVOL)
Computer Revisions63 (AD), 0 (SYSVOL)
Unique ID{DA859857-CDA5-421B-B940-0FD0702878C2}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsCustomNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Registry
An error has occurred while collecting data for Windows Registry.

The following errors were encountered:
An unknown error occurred while data was gathered for this extension. Details: Could not find a part of the path '\\UKPRDC011.bfl.local\sysvol\bfl.local\Policies\{DA859857-CDA5-421B-B940-0FD0702878C2}\Machine\Preferences\Registry\Registry.xml'.
User Configuration (Enabled)
Preferences
Windows Settings
Registry
An error has occurred while collecting data for Windows Registry.

The following errors were encountered:
An unknown error occurred while data was gathered for this extension. Details: Could not find a part of the path '\\UKPRDC011.bfl.local\sysvol\bfl.local\Policies\{DA859857-CDA5-421B-B940-0FD0702878C2}\User\Preferences\Registry\Registry.xml'.
MBAM Laptop Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
MBAM Laptop Policy 1.0
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created20/05/2016 12:55:30
Modified15/09/2020 22:24:36
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{C1AE5C87-FDC2-4EB3-AFB5-CA0C5794179B}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-91159
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-91159Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/BitLocker Drive Encryption/Operating System Drives
PolicySettingComment
Disallow standard users from changing the PIN or passwordEnabled
Require additional authentication at startupEnabled
Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive) 
Settings for computers with a TPM:
Configure TPM startup:Allow TPM
Configure TPM startup PIN:Allow startup PIN with TPM
Configure TPM startup key:Allow startup key with TPM
Configure TPM startup key and PIN:Allow startup key and PIN with TPM
PolicySettingComment
Require additional authentication at startup (Windows Server 2008 and Windows Vista)Enabled
Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive) 
Settings for computers with a TPM:
Configure TPM startup key:Allow startup key with TPM
Configure TPM startup PIN:Allow startup PIN with TPM
Important: If you require the startup key, you must not allow the startup PIN.
If you require the startup PIN, you must not allow the startup key. Otherwise, a policy error occurs.
Note: Do not allow both startup PIN and startup key options to hide the advanced page on a computer with a TPM.
Windows Components/MDOP MBAM (BitLocker Management)
PolicySettingComment
Choose drive encryption method and cipher strengthEnabled
Select the encryption method:AES 256-bit
Windows Components/MDOP MBAM (BitLocker Management)/Client Management
PolicySettingComment
Configure automatically resetting TPM lockoutsEnabled
Configure customer experience improvement programDisabled
Configure MBAM servicesEnabled
MBAM Recovery service endpoint:https://ukprws014.bfl.local/MBAMRecoveryAndHardwareService/CoreService.svc
Select BitLocker recovery information to store:Recovery password and key package
Enter client checking status frequency in (minutes):90
Configure MBAM Status reporting service:Enabled
MBAM Status reporting service endpoint:https://ukprws014.bfl.local/MBAMComplianceStatusService/StatusReportingService.svc
Enter status report frequency in (minutes):90
PolicySettingComment
Provide the URL for the Security Policy linkEnabled
Security Policy link URL:http://intranet.beazley.com
Windows Components/MDOP MBAM (BitLocker Management)/Fixed Drive
PolicySettingComment
Deny write access to fixed drives not protected by BitLockerEnabled
Encryption Policy Enforcement SettingsEnabled
Configure the number of noncompliance grace period days for fixed drives. This grace period begins only after the operating system drive compliance is detected:0
PolicySettingComment
Fixed data drive encryption settingsEnabled
This policy setting allows you to manage whether the fixed data drive must be encrypted or not.
Configure Auto-Unlock for fixed data drive:Allow Auto-Unlock
Windows Components/MDOP MBAM (BitLocker Management)/Operating System Drive
PolicySettingComment
Choose how BitLocker-protected operating system drives can be recoveredEnabled
Allow data recovery agentDisabled
When using ‘BitLocker Management Solution’, the “Save BitLocker recovery information to AD DS for operating system drive” option should be unchecked
Omit recovery options from the BitLocker setup wizardEnabled
Save BitLocker recovery information to AD DS for operating system drivesEnabled
Configure storage of BitLocker recovery information to AD DS:Store recovery passwords and key packages
Do not enable BitLocker until recovery information is stored to AD DS for operating system drivesEnabled
PolicySettingComment
Configure use of passwords for operating system drivesEnabled
Configure password complexity for operating system drives:Require password complexity
Minimum password length for operating system drive:8
Note: You must enable the "Password must meet complexity requirements" policy setting for the password complexity setting to take effect.
Require ASCII-only passwords for removable OS drivesDisabled
PolicySettingComment
Encryption Policy Enforcement SettingsEnabled
Configure the number of noncompliance grace period days for operating system drives:0
PolicySettingComment
Operating system drive encryption settingsEnabled
Allow BitLocker without a compatible TPM (requires a password)Enabled
Select protector for operating system drive: 
Settings for computers with a TPM:
Configure minimum PIN length for startup4
PolicySettingComment
Reset platform validation data after BitLocker recoveryEnabled
User Configuration (Enabled)
No settings defined.
GBL Windows 10 Regular Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Windows 10 Regular Policy 1.0
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created27/05/2016 11:50:18
Modified15/09/2020 22:24:44
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{9560808B-D65F-4287-B450-BD2950688C3B}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
GBL Windows 10 Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Windows 10 Policy 1.0
Data collected on: 23/04/2025 10:47:24
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created13/06/2016 18:02:22
Modified15/09/2020 22:25:06
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{2D55A713-BD4D-4BF8-8CAE-60FD6262F055}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
[AGPM] GBL Windows 10 Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
[AGPM] GBL Windows 10 Policy 1.0
Data collected on: 23/04/2025 10:47:25
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created13/06/2016 18:02:56
Modified15/09/2020 22:25:06
User Revisions9 (AD), 9 (SYSVOL)
Computer Revisions52 (AD), 52 (SYSVOL)
Unique ID{DA31D25D-5A4C-482F-95EF-C28081B92ABC}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
DesktopsNoEnabledbfl.local/Accounts Computer/Desktops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\App.Pub.Microsoft.Windows.10
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\App.Pub.Microsoft.Windows.10Read (from Security Filtering)No
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Wireless Network (802.11) Policies
New Wireless Network Policy
Policy NameNew Wireless Network Policy
Policy DescriptionSample Description
Policy TypeWindows Vista and Later Releases
Global Settings
Use Windows wireless LAN network services for clientsEnabled
Shared user credentials for network authenticationEnabled
Hosted networksEnabled
Allow user to view denied networksEnabled
Allow everyone to create all user profilesEnabled
Only use Group Policy profiles for allowed networksDisabled
Network Filters
Prevent connection to infrastructure networksDisabled
Prevent connection to adhoc networksDisabled
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Force a specific default lock screen imageEnabled
Path to lock screen image:C:\Windows\Web\Wallpaper\beazley_desktop_world.jpg
Example: Using a local path: C:\windows\web\screen\lockscreen.jpg
Example: Using a UNC path: \\Server\Share\Corp.jpg
Turn off fun facts, tips, tricks, and more on lock screenEnabled
PolicySettingComment
Prevent changing lock screen imageEnabled
Prevent changing start menu backgroundEnabled
Prevent enabling lock screen cameraEnabled
Prevent enabling lock screen slide showEnabled
Control Panel/User Accounts
PolicySettingComment
Apply the default account picture to all usersEnabled
System/Logon
PolicySettingComment
Always use custom logon backgroundEnabled
Do not display network selection UIEnabled
Do not display the Getting Started welcome screen at logonEnabled
Turn off app notifications on the lock screenEnabled
Turn off picture password sign-inEnabled
Windows Components/Application Compatibility
PolicySettingComment
Turn off Application TelemetryEnabled
Turn off Inventory CollectorEnabled
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:CD-ROM and removable media drives
Windows Components/Data Collection and Preview Builds
PolicySettingComment
Allow TelemetryEnabled
0 - Security [Enterprise Only]
PolicySettingComment
Disable pre-release features or settingsDisabled
Do not show feedback notificationsEnabled
Toggle user control over Insider buildsDisabled
Windows Components/Desktop Gadgets
PolicySettingComment
Turn off desktop gadgetsEnabled
Turn Off user-installed desktop gadgetsEnabled
Windows Components/File Explorer
PolicySettingComment
Set a default associations configuration fileEnabled
Default Associations Configuration File"\\bfl.local\SYSVOL\bfl.local\scripts\WIN10\defaultassociations.xml"
Windows Components/Maps
PolicySettingComment
Turn off Automatic Download and Update of Map DataEnabled
Windows Components/Microsoft Edge
PolicySettingComment
Send all intranet sites to Internet Explorer 11Enabled
Windows Components/OneDrive
PolicySettingComment
Prevent the usage of OneDrive for file storageEnabled
Windows Components/Search
PolicySettingComment
Allow CortanaDisabled
Don't search the web or display web results in SearchEnabled
Prevent automatically adding shared folders to the Windows Search indexEnabled
Windows Components/Store
PolicySettingComment
Disable all apps from Windows Store Enabled
Turn off the Store applicationEnabled
Windows Components/Windows Mail
PolicySettingComment
Turn off Windows Mail applicationDisabled
Windows Components/Windows Update
PolicySettingComment
Defer Upgrades and UpdatesEnabled
Defer upgrades for the following
duration (months): 0
Defer updates for the following
duration (weeks): 0
Pause Upgrades and UpdatesEnabled
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Desktop/Desktop
PolicySettingComment
Desktop WallpaperEnabled
Wallpaper Name:C:\Windows\Web\Wallpaper\beazley_desktop_world.jpg
Example: Using a local path: C:\windows\web\wallpaper\home.jpg
Example: Using a UNC path: \\Server\Share\Corp.jpg
Wallpaper Style:Center
PolicySettingComment
Prohibit changesEnabled
GBL Windows Power Plan
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Windows Power Plan
Data collected on: 23/04/2025 10:47:25
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created23/04/2014 05:24:58
Modified15/09/2020 22:25:24
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions30 (AD), 30 (SYSVOL)
Unique ID{6C79B002-0319-45B0-BEAB-6BB74CD0052F}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Power Management/Hard Disk Settings
PolicySettingComment
Turn Off the hard disk (on battery)Enabled
Turn Off the Hard Disk (seconds):300
PolicySettingComment
Turn Off the hard disk (plugged in)Enabled
Turn Off the Hard Disk (seconds):1200
System/Power Management/Notification Settings
PolicySettingComment
Critical battery notification actionEnabled
Critical Battery Notification ActionHibernate
System/Power Management/Sleep Settings
PolicySettingComment
Require a password when a computer wakes (on battery)Enabled
Require a password when a computer wakes (plugged in)Enabled
Specify the system hibernate timeout (on battery)Enabled
System Hibernate Timeout (seconds):1800
PolicySettingComment
Specify the system hibernate timeout (plugged in)Enabled
System Hibernate Timeout (seconds):0
PolicySettingComment
Specify the system sleep timeout (on battery)Disabled
Specify the system sleep timeout (plugged in)Disabled
Specify the unattended sleep timeout (on battery)Disabled
Specify the unattended sleep timeout (plugged in)Disabled
Turn off hybrid sleep (on battery)Enabled
Turn off hybrid sleep (plugged in)Enabled
User Configuration (Disabled)
No settings defined.
GBL Citrix Local Administrators
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Citrix Local Administrators
Data collected on: 23/04/2025 10:47:25
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created10/08/2016 15:53:02
Modified15/09/2020 22:26:32
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{DFEBD9A3-9259-4113-BF19-79764AC1C7A2}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
User Configuration (Disabled)
No settings defined.
USPRIM015_IPAM_DC_NPS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
USPRIM015_IPAM_DC_NPS
Data collected on: 23/04/2025 10:47:25
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/01/2016 23:50:40
Modified15/09/2020 22:27:06
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{BAE8F46D-21DB-4838-87C8-83A1CFB01557}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
bflNoEnabledbfl.local
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.20
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Inbound Rules
NameDescription
Remote Event Log Management (RPC-EPMAP)Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Event Log Service.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceRPCSS
Allow edge traversalFalse
GroupRemote Event Log Management
Remote Event Log Management (RPC)Inbound rule for the local Event Log service to be remotely managed via RPC/TCP.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceEventlog
Allow edge traversalFalse
GroupRemote Event Log Management
Remote Service Management (RPC-EPMAP)Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Service Control Manager.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceRPCSS
Allow edge traversalFalse
GroupRemote Service Management
Remote Service Management (RPC)Inbound rule for the local Service Control Manager to be remotely managed via RPC/TCP.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\services.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupRemote Service Management
Connection Security Settings
User Configuration (Enabled)
No settings defined.
GBL Windows 10 User Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Windows 10 User Policy
Data collected on: 23/04/2025 10:47:25
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created27/09/2016 08:56:44
Modified15/09/2020 22:27:20
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{067FC44A-81BD-4309-AD32-5D194DA9E47F}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
BFL Wireless Settings
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Wireless Settings
Data collected on: 23/04/2025 10:47:25
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created13/02/2006 09:48:10
Modified15/09/2020 22:29:08
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions21 (AD), 21 (SYSVOL)
Unique ID{063A39AE-CE58-446F-8AA5-7540407619A5}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
S-1-5-21-58594938-1633628789-801526373-21803CustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Wireless Network (802.11) Policies
Beazley Internal WLAN
Policy NameBeazley Internal WLAN
Policy Description
Policy TypeWindows Vista and Later Releases
Global Settings
Use Windows wireless LAN network services for clientsEnabled
Shared user credentials for network authenticationEnabled
Hosted networksEnabled
Allow user to view denied networksEnabled
Allow everyone to create all user profilesEnabled
Only use Group Policy profiles for allowed networksDisabled
Network Filters
Prevent connection to infrastructure networksDisabled
Prevent connection to adhoc networksDisabled
Allowed Networks
Network Name (SSID)Network Type
Wireless-PInfrastructure
-Wireless-BZY-Infrastructure
Preferred Network Profiles
Wireless-P
Profile NameWireless-P
Network TypeInfrastructure
Automatically connect to this networkEnabled
Automatically switch to a more preferred networkEnabled
  
Network Name (SSID)Network Broadcasts its SSID
Wireless-PFalse
Security Settings
AuthenticationWPA2
EncryptionAES
Use 802.1XEnabled
Pairwise Master Key (PMK) CachingEnabled
PMK Time-to-Live (minutes)720
Number of Entries in PMK Cache128
Use Network Pre-authenticationDisabled
IEEE 802.1X Settings
Computer AuthenticationUser re-authentication
Maximum Authentication Failures1
Maximum EAPOL-Start Messages Sent3
Held Period (seconds)1
Start Period (seconds)5
Authentication Period (seconds)18
Network Authentication Method Properties
Authentication methodProtected EAP (PEAP)
Validate server certificateDisabled
Enable fast reconnectEnabled
Disconnect if server does not present cryptobinding TLVDisabled
Enforce network access protectionDisabled
Authentication Method Configuration
Authentication methodSecured password (EAP-MSCHAP v2)
Automatically use my Windows logon name and password(and domain if any)Enabled
-Wireless-BZY-
Profile Name-Wireless-BZY-
Network TypeInfrastructure
  
Network Name (SSID)Network Broadcasts its SSID
-Wireless-BZY-False
Security Settings
AuthenticationWPA
EncryptionTKIP
Use 802.1XEnabled
IEEE 802.1X Settings
Computer AuthenticationUser re-authentication
Maximum EAPOL-Start Messages Sent3
Held Period (seconds)60
Start Period (seconds)60
Authentication Period (seconds)30
Network Authentication Method Properties
Authentication methodProtected EAP (PEAP)
Validate server certificateDisabled
Enable fast reconnectEnabled
Disconnect if server does not present cryptobinding TLVDisabled
Enforce network access protectionDisabled
Authentication Method Configuration
Authentication methodSecured password (EAP-MSCHAP v2)
Automatically use my Windows logon name and password(and domain if any)Enabled
User Configuration (Disabled)
No settings defined.
GBL MTI Backup
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL MTI Backup
Data collected on: 23/04/2025 10:47:25
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/12/2016 14:19:14
Modified15/09/2020 22:29:08
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{DFC47AF8-D5F2-4B31-B834-A34AA3E3154F}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
WMI Filtering
WMI Filter NameAvamar Clients
DescriptionFilter all Avamar Clients
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Control Panel Settings
Local Users and Groups
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
BFL\MTI Backup SupportS-1-5-21-58594938-1633628789-801526373-92868
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
GBL Windows 10 Lite (Reporting Screens)
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Windows 10 Lite (Reporting Screens)
Data collected on: 23/04/2025 10:47:25
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created06/12/2016 23:34:14
Modified15/09/2020 22:29:14
User Revisions12 (AD), 12 (SYSVOL)
Computer Revisions18 (AD), 18 (SYSVOL)
Unique ID{6A881488-4632-47F1-BA7F-7EC9BA3B47E4}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/DNS Client
PolicySettingComment
DNS suffix search listEnabled
DNS Suffixes:bfl.local,beazleydev.local
Start Menu and Taskbar
PolicySettingComment
Start LayoutEnabled
Start Layout File\\bfl.local\SYSVOL\bfl.local\scripts\WIN10\LiteStartMenu.xml
Windows Components/Microsoft Edge
PolicySettingComment
Send all intranet sites to Internet Explorer 11Enabled
Windows Components/OneDrive
PolicySettingComment
Prevent the usage of OneDrive for file storageEnabled
Preferences
Control Panel Settings
Power Options
Power Plan (At least Windows 7) (Name: Balanced)
Power Plan (Windows Vista and later) (Order: 1)
Properties
ActionUpdate
Make this the active Power Plan:Enabled
NameBalanced
When computer is:Plugged inRunning on batteries
Require a password on wakeup:YesYes
Turn off hard disk after:NeverNever
Sleep after:NeverNever
Allow hybrid sleep:OffOff
Hibernate after:NeverNever
Lid close action:SleepSleep
Power button action:ShutdownShutdown
Start menu power button:HibernateHibernate
Link State Power Management:Moderate power savingsMaximum power savings
Minimum processor state:After 5 minutesAfter 5 minutes
Maximum processor state:After 100 minutesAfter 100 minutes
Turn off display after:NeverNever
Adaptive display:OnOn
Critical battery action:Do nothingHibernate
Low battery level:After 10 minutesAfter 10 minutes
Critical battery level:After 5 minutesAfter 5 minutes
Low battery notification:OffOff
Low battery action:Do nothingDo nothing
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverDisabled
Force specific screen saverEnabled
Screen saver executable namec:\windows\SysWOW64\Beazley.scr
PolicySettingComment
Screen saver timeoutDisabled
System/Removable Storage Access
PolicySettingComment
Removable Disks: Deny write accessEnabled
GBL - Block Virus File Hash
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL - Block Virus File Hash
Data collected on: 23/04/2025 10:47:26
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/12/2016 23:10:56
Modified15/09/2020 22:29:26
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{AAD26EB9-CE3A-46B3-A487-71DFBF248AC5}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
bflYesEnabledbfl.local

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVB File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Hash Rules
Wells Fargo SurePay Confirmation Document (1).pdf; 200 KB; 15/12/2016 23:35:48
Security LevelDisallowed
Description
Date last modified15/12/2016 23:36:31
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified15/12/2016 23:14:03
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified15/12/2016 23:14:03
User Configuration (Enabled)
No settings defined.
[AGPM] Trusted Sites Policy Prod 5.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
[AGPM] Trusted Sites Policy Prod 5.0
Data collected on: 23/04/2025 10:47:26
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created16/02/2017 17:18:20
Modified15/09/2020 22:31:30
User Revisions123 (AD), 123 (SYSVOL)
Computer Revisions6 (AD), 6 (SYSVOL)
Unique ID{69D0425F-21AF-47B0-ACC7-7E7B1DD58142}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Internet Explorer
PolicySettingComment
Let users turn on and use Enterprise Mode from the Tools menuEnabled
Type the location (URL) of where to receive reports about the websites for which users turn on and use Enterprise Mode
Windows Components/Internet Explorer/Internet Control Panel/Security Page
PolicySettingComment
Site to Zone Assignment ListEnabled
Enter the zone assignments here. 
http://snow.bfl.local3
http://myprofile-uat.beazley.com1
http://myprofile-sys.beazley.com1
http://myprofile.beazley.com1
http://lumesse.com/2
http://intranet-uat.beazley.com1
http://intranet-sys.beazley.com1
http://intranet.beazley.com1
http://imagegenerator-uat.beazley.com1
http://imagegenerator-sys.beazley.com1
http://imagegenerator-dev.beazley.com1
http://imagegenerator.beazley.com1
http://collaboration-uat.beazley.com1
http://collaboration-sys.beazley.com1
http://collaboration.beazley.com1
http://bic-uat.beazley.com/1
http://bic-sys.beazley.com/1
http://bic.beazley.com/1
http://bfl.local/1
http://beazleytrade.com/1
http://beazleypro.com/1
https://bfl.local/1
file://bfl.local1
https://sts.beazley.com1
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsDisable
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingEnable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptPrompt
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesEnable
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsEnable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsEnable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsPrompt
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHEnable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Disable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsPrompt
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsHigh safety
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEPrompt
PolicySettingComment
Logon optionsEnabled
Logon optionsAutomatic logon only in Intranet zone
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsDisable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeEnable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeEnable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsEnable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingEnable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsEnable
PolicySettingComment
Show security warning for potentially unsafe filesEnabled
Launching programs and unsafe filesPrompt
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsMedium safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataEnable
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceEnable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsPrompt
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingEnable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptEnable
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesEnable
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsEnable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsEnable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsPrompt
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHEnable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsPrompt
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabled
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsMedium safety
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEPrompt
PolicySettingComment
Logon optionsEnabled
Logon optionsAutomatic logon only in Intranet zone
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsEnable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeEnable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeEnable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsEnable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingEnable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsEnable
PolicySettingComment
Show security warning for potentially unsafe filesEnabled
Launching programs and unsafe filesEnable
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsMedium safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataEnable
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceEnable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsDisable
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingDisable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptDisable
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesPrompt
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsDisable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsDisable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsDisable
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHDisable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Disable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsDisable
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabled
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsDisable Java
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEDisable
PolicySettingComment
Logon optionsEnabled
Logon optionsPrompt for user name and password
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsDisable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeDisable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeDisable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsDisable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingDisable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsDisable
PolicySettingComment
Show security warning for potentially unsafe filesEnabled
Launching programs and unsafe filesDisable
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsHigh safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataPrompt
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceDisable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsDisable
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingEnable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptPrompt
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesEnable
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsEnable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsEnable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsPrompt
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHEnable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Disable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsPrompt
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabled
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsHigh safety
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEPrompt
PolicySettingComment
Logon optionsEnabled
Logon optionsAutomatic logon only in Intranet zone
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsDisable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeEnable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeEnable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsEnable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingEnable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsEnable
PolicySettingComment
Show security warning for potentially unsafe filesEnabled
Launching programs and unsafe filesEnable
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsMedium safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataEnable
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceEnable
Preferences
Windows Settings
Registry
http://intranet.beazley.com/ (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathSoftware\Microsoft\Internet Explorer\Main
Value namehttp://intranet.beazley.com/
Value typeREG_SZ
Value dataDefault_Page_URL
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Start Page (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathSoftware\Microsoft\Internet Explorer\Main
Value nameStart Page
Value typeREG_SZ
Value datahttp://intranet.beazley.com
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
USPRIM015_IPAM_DNS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
USPRIM015_IPAM_DNS
Data collected on: 23/04/2025 10:47:26
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/01/2016 23:50:34
Modified15/09/2020 22:32:02
User Revisions4 (AD), 4 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{F9065346-703F-4F04-A6C8-0A30E979A960}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
bflNoEnabledbfl.local
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\USPRDC027$
S-1-5-21-58594938-1633628789-801526373-18627
S-1-5-21-58594938-1633628789-801526373-29100
S-1-5-21-58594938-1633628789-801526373-33477
S-1-5-21-58594938-1633628789-801526373-37652
S-1-5-21-58594938-1633628789-801526373-40251
S-1-5-21-58594938-1633628789-801526373-40648
S-1-5-21-58594938-1633628789-801526373-49007
S-1-5-21-58594938-1633628789-801526373-49025
S-1-5-21-58594938-1633628789-801526373-49370
S-1-5-21-58594938-1633628789-801526373-49413
S-1-5-21-58594938-1633628789-801526373-60619
S-1-5-21-58594938-1633628789-801526373-60620
S-1-5-21-58594938-1633628789-801526373-63083
S-1-5-21-58594938-1633628789-801526373-63124
S-1-5-21-58594938-1633628789-801526373-64591
S-1-5-21-58594938-1633628789-801526373-64932
S-1-5-21-58594938-1633628789-801526373-65542
S-1-5-21-58594938-1633628789-801526373-65937
S-1-5-21-58594938-1633628789-801526373-75332
S-1-5-21-58594938-1633628789-801526373-76580
S-1-5-21-58594938-1633628789-801526373-77432
S-1-5-21-58594938-1633628789-801526373-78588
S-1-5-21-58594938-1633628789-801526373-80083
S-1-5-21-58594938-1633628789-801526373-86616
S-1-5-21-58594938-1633628789-801526373-89083
S-1-5-21-58594938-1633628789-801526373-93542
S-1-5-21-58594938-1633628789-801526373-97600
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\USPRDC027$Read (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-18627Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-29100Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-33477Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-37652Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-40251Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-40648Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-49007Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-49025Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-49370Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-49413Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-60619Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-60620Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-63083Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-63124Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-64591Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-64932Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-65542Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-65937Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-75332Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-76580Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-77432Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-78588Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-80083Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-86616Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-89083Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-93542Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-97600Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\IPAMUGBUILTIN\Event Log Readers
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.20
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Inbound Rules
NameDescription
RPC (TCP, Incoming)Inbound rule to allow remote RPC/TCP access to the DNS service.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%systemroot%\System32\dns.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
Servicedns
Allow edge traversalFalse
GroupDNS Service
RPC Endpoint Mapper (TCP, Incoming)Inbound rule for the RPCSS service to allow RPC/TCP traffic to the DNS Service.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%systemroot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
Servicerpcss
Allow edge traversalFalse
GroupDNS Service
Remote Event Log Management (RPC-EPMAP)Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Event Log Service.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceRPCSS
Allow edge traversalFalse
GroupRemote Event Log Management
Remote Event Log Management (RPC)Inbound rule for the local Event Log service to be remotely managed via RPC/TCP.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceEventlog
Allow edge traversalFalse
GroupRemote Event Log Management
Remote Service Management (RPC-EPMAP)Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Service Control Manager.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceRPCSS
Allow edge traversalFalse
GroupRemote Service Management
Remote Service Management (RPC)Inbound rule for the local Service Control Manager to be remotely managed via RPC/TCP.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\services.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupRemote Service Management
Connection Security Settings
Preferences
Control Panel Settings
Scheduled Tasks
Scheduled Task (Name: IpamDnsProvisioning)
IpamDnsProvisioning (Order: 1)
General
ActionUpdate
Task
NameIpamDnsProvisioning
Runcmd.exe
Arguments/c "\\bfl.local\SYSVOL\bfl.local\Policies\{f9065346-703f-4f04-a6c8-0a30e979a960}\Machine\Scripts\Startup\ipamprovisioningwrapper.bat" DNS IPAMUG@bfl.local S-1-5-21-58594938-1633628789-801526373-72123
CommentsTask to provision Ipam access settings on the DNS server.
Scheduled task runs at a specified timeEnabled
Schedule
1. Every 60 minute(s) from 17:00 for 1440 minutes every day. This task starts on 28/11/2011
Settings
Delete the task if it is not scheduled to run againNo
Stop the task if the computer ceases to be idleNo
Do not start the task if the computer is running on batteriesDisabled
Stop the task if battery mode beginsDisabled
Wake the computer to run this taskDisabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Operating System
AttributeValue
boolAND
not0
classNT
version2K8
typeNE
editionNE
spNE
Scheduled Task (At least Windows 7) (Name: IpamDnsProvisioning)
IpamDnsProvisioning (Order: 2)
General
ActionUpdate
Task
Name IpamDnsProvisioning
Author IPAMTESTSETUP\domainadmin
Description Task to provision Ipam access settings on the DNSserver.
Run only when user is logged on Password
UserId system
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.3
Enabled Yes
Triggers
1. At task creation/modification
Enabled Yes
Actions
1. Start a program
Program/script powershell.exe
Arguments -Executionpolicy bypass -file \\bfl.local\SYSVOL\bfl.local\Policies\{f9065346-703f-4f04-a6c8-0a30e979a960}\Machine\Scripts\Startup\ipamprovisioning.ps1 DNS IPAMUG@bfl.local S-1-5-21-58594938-1633628789-801526373-72123
Settings
Stop if the computer ceases to be idle Yes
Restart if the idle state resumes No
Start the task only if the computer is on AC power No
Stop if the computer switches to battery power Yes
Allow task to be run on demand Yes
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
USPRIM015_IPAM_DHCP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
USPRIM015_IPAM_DHCP
Data collected on: 23/04/2025 10:47:27
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/01/2016 23:50:44
Modified15/09/2020 22:32:02
User Revisions4 (AD), 4 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{CE45E05A-0EF8-4C51-9BBE-E9203158FAB5}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
bflNoEnabledbfl.local
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\USPRDC027$
S-1-5-21-58594938-1633628789-801526373-18627
S-1-5-21-58594938-1633628789-801526373-29100
S-1-5-21-58594938-1633628789-801526373-33477
S-1-5-21-58594938-1633628789-801526373-37652
S-1-5-21-58594938-1633628789-801526373-40251
S-1-5-21-58594938-1633628789-801526373-40648
S-1-5-21-58594938-1633628789-801526373-49007
S-1-5-21-58594938-1633628789-801526373-49025
S-1-5-21-58594938-1633628789-801526373-49370
S-1-5-21-58594938-1633628789-801526373-49413
S-1-5-21-58594938-1633628789-801526373-60619
S-1-5-21-58594938-1633628789-801526373-60620
S-1-5-21-58594938-1633628789-801526373-63083
S-1-5-21-58594938-1633628789-801526373-63124
S-1-5-21-58594938-1633628789-801526373-64591
S-1-5-21-58594938-1633628789-801526373-64932
S-1-5-21-58594938-1633628789-801526373-65542
S-1-5-21-58594938-1633628789-801526373-65937
S-1-5-21-58594938-1633628789-801526373-75332
S-1-5-21-58594938-1633628789-801526373-76580
S-1-5-21-58594938-1633628789-801526373-77432
S-1-5-21-58594938-1633628789-801526373-78588
S-1-5-21-58594938-1633628789-801526373-80083
S-1-5-21-58594938-1633628789-801526373-86616
S-1-5-21-58594938-1633628789-801526373-89083
S-1-5-21-58594938-1633628789-801526373-93542
S-1-5-21-58594938-1633628789-801526373-97600
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\USPRDC027$Read (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-18627Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-29100Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-33477Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-37652Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-40251Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-40648Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-49007Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-49025Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-49370Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-49413Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-60619Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-60620Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-63083Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-63124Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-64591Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-64932Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-65542Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-65937Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-75332Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-76580Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-77432Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-78588Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-80083Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-86616Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-89083Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-93542Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-97600Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\IPAMUGBUILTIN\Event Log Readers
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.20
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Inbound Rules
NameDescription
DHCP Server (RPCSS-In)An inbound rule to allow traffic to allow RPCSS traffic for DHCP Server management.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%systemroot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
Servicerpcss
Allow edge traversalFalse
GroupDHCP Server Management
DHCP Server (RPC-In)An inbound rule to allow traffic to allow RPC traffic for DHCP Server management.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%systemroot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
Servicedhcpserver
Allow edge traversalFalse
GroupDHCP Server Management
Remote Service Management (RPC-EPMAP)Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Service Control Manager.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceRPCSS
Allow edge traversalFalse
GroupRemote Service Management
Remote Service Management (RPC)Inbound rule for the local Service Control Manager to be remotely managed via RPC/TCP.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\services.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupRemote Service Management
Remote Event Log Management (RPC-EPMAP)Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Event Log Service.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceRPCSS
Allow edge traversalFalse
GroupRemote Event Log Management
Remote Event Log Management (RPC)Inbound rule for the local Event Log service to be remotely managed via RPC/TCP.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceEventlog
Allow edge traversalFalse
GroupRemote Event Log Management
File and Printer Sharing (SMB-In)Inbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port445
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupFile and Printer Sharing
File and Printer Sharing (NB-Session-In)Inbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port139
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupFile and Printer Sharing
Connection Security Settings
Preferences
Control Panel Settings
Scheduled Tasks
Scheduled Task (Name: IpamDhcpProvisioning)
IpamDhcpProvisioning (Order: 1)
General
ActionUpdate
Task
NameIpamDhcpProvisioning
Runcmd.exe
Arguments/c "\\bfl.local\SYSVOL\bfl.local\Policies\{ce45e05a-0ef8-4c51-9bbe-e9203158fab5}\Machine\Scripts\Startup\ipamprovisioningwrapper.bat" DHCP IPAMUG@bfl.local S-1-5-21-58594938-1633628789-801526373-72123
CommentsTask to provision Ipam access settings on the DHCP server.
Scheduled task runs at a specified timeEnabled
Schedule
1. Every 60 minute(s) from 17:00 for 1440 minutes every day. This task starts on 28/11/2011
Settings
Delete the task if it is not scheduled to run againNo
Stop the task if the computer ceases to be idleNo
Do not start the task if the computer is running on batteriesDisabled
Stop the task if battery mode beginsDisabled
Wake the computer to run this taskDisabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Operating System
AttributeValue
boolAND
not0
classNT
version2K8
typeNE
editionNE
spNE
Scheduled Task (At least Windows 7) (Name: IpamDhcpProvisioning)
IpamDhcpProvisioning (Order: 2)
General
ActionUpdate
Task
Name IpamDhcpProvisioning
Author IPAMTESTSETUP\domainadmin
Description Task to provision Ipam access settings on the DHCP server.
Run only when user is logged on Password
UserId system
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.3
Enabled Yes
Triggers
1. At task creation/modification
Enabled Yes
Actions
1. Start a program
Program/script powershell.exe
Arguments -Executionpolicy bypass -file \\bfl.local\SYSVOL\bfl.local\Policies\{ce45e05a-0ef8-4c51-9bbe-e9203158fab5}\Machine\Scripts\Startup\ipamprovisioning.ps1 DHCP IPAMUG@bfl.local S-1-5-21-58594938-1633628789-801526373-72123
Settings
Stop if the computer ceases to be idle Yes
Restart if the idle state resumes No
Start the task only if the computer is on AC power No
Stop if the computer switches to battery power Yes
Allow task to be run on demand Yes
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
ZScaler Certificate
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
ZScaler Certificate
Data collected on: 23/04/2025 10:47:27
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created12/09/2016 15:59:52
Modified15/09/2020 22:32:06
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{5A7C1AFA-0A5A-4FCD-8D1E-EBB819C9D910}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Accounts ComputerNoEnabledbfl.local/Accounts Computer
DesktopsNoEnabledbfl.local/Accounts Computer/Desktops
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS
CVADNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11
CVADNoEnabledbfl.local/Accounts Computer/Ireland/CVAD
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop ENG - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG - W11
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
EU Beazley HSD Desktop ENG - W22NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG - W22
EU Beazley HSD Desktop PRD - W22NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD - W22
CVADNoEnabledbfl.local/Accounts Computer/London/CVAD
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox
CVADNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
Zscaler Root CAZscaler Root CA06/05/2042 01:27:55<All>

For additional information about individual settings, launch the Local Group Policy Object Editor.
User Configuration (Disabled)
No settings defined.
Windows 10 Updates Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Windows 10 Updates Policy 1.0
Data collected on: 23/04/2025 10:47:27
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/05/2017 13:31:26
Modified15/09/2020 22:33:36
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{EBD62C43-707D-4891-8601-3219FE419ECB}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
DesktopsNoEnabledbfl.local/Accounts Computer/Desktops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\App.Pub.Microsoft.Windows.10
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\App.Pub.Microsoft.Windows.10Read (from Security Filtering)No
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Windows Update
PolicySettingComment
Defer Upgrades and UpdatesEnabled
Defer upgrades for the following
duration (months): 0
Defer updates for the following
duration (weeks): 0
Pause Upgrades and UpdatesEnabled
User Configuration (Enabled)
No settings defined.
Citrix all VDAs UK
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix all VDAs UK
Data collected on: 23/04/2025 10:47:27
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/03/2017 10:06:34
Modified15/09/2020 22:33:42
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{359C90C6-B898-42EF-85EF-E52A8A7E59E5}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
Citrix all VDAs US
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix all VDAs US
Data collected on: 23/04/2025 10:47:27
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/03/2017 09:58:54
Modified15/09/2020 22:33:42
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{A9839C4E-7648-4C7C-B6D5-2A0268D95DF6}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
Reed.Mac.Printing
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Reed.Mac.Printing
Data collected on: 23/04/2025 10:47:27
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created26/09/2016 18:23:06
Modified15/09/2020 22:33:44
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{FF8F6BA4-33D4-431E-8150-BE9A7723BD89}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\App.Pub.TravelDesk.Printing
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\App.Pub.TravelDesk.PrintingRead (from Security Filtering)No
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Printer Connections
Path
\\UKPRFP012\FollowUK_C-D
\\UKPRFP012\FollowUK_PS
\\UKPRFP012\FollowUK_BW-D-ST
\\UKPRFP012\FollowUK_BW-D
\\UKPRFP012\FollowUK_C-D-ST
User Configuration (Enabled)
No settings defined.
MBAM Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
MBAM Policy 1.0
Data collected on: 23/04/2025 10:47:27
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created06/04/2016 16:00:42
Modified15/09/2020 22:33:44
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{1CACD080-963F-4948-B8BF-06275AF3DB39}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
Citrix VDA Workstation Computer Settings
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix VDA Workstation Computer Settings
Data collected on: 23/04/2025 10:47:27
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created01/06/2017 16:27:44
Modified15/09/2020 22:33:54
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{1EF58375-CDBB-43D5-A6E4-D6A3BC47C4C8}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Disabled)
No settings defined.
Default Laptop & Desktop Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default Laptop & Desktop Policy
Data collected on: 23/04/2025 10:47:28
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created28/02/2012 22:29:44
Modified18/09/2024 16:39:44
User Revisions6 (AD), 6 (SYSVOL)
Computer Revisions197 (AD), 197 (SYSVOL)
Unique ID{05B79E93-69E0-44B3-9F6A-4CFF074BE27E}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
DesktopsNoEnabledbfl.local/Accounts Computer/Desktops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/User Rights Assignment
PolicySetting
Change the system timeBUILTIN\Administrators, NT AUTHORITY\Authenticated Users, BFL\Domain Users, Domain Admins, S-1-5-32-547
Deny log on locallyS-1-5-21-58594938-1633628789-801526373-51538
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Accounts: Rename administrator account"ntmaster"
Devices
PolicySetting
Devices: Prevent users from installing printer driversDisabled
Domain Member
PolicySetting
Domain member: Digitally encrypt secure channel data (when possible)Enabled
Domain member: Digitally sign secure channel data (when possible)Enabled
Interactive Logon
PolicySetting
Interactive logon: Do not display last user nameEnabled
Interactive logon: Require smart cardDisabled
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (if server agrees)Enabled
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (if client agrees)Enabled
Network Access
PolicySetting
Network access: Do not allow anonymous enumeration of SAM accountsEnabled
Network access: Let Everyone permissions apply to anonymous usersDisabled
Network Security
PolicySetting
Network security: Do not store LAN Manager hash value on next password changeEnabled
Network security: LAN Manager authentication levelSend NTLMv2 response only. Refuse LM & NTLM
Restricted Groups
GroupMembersMember of
BUILTIN\Remote Desktop UsersNT AUTHORITY\Authenticated Users
System Services
Alerter (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Messenger (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Routing and Remote Access (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
TlntSvr (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
File System
%SystemDrive%\boot.ini
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemDrive%\ntldr
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\windows\repair
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Registry
MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Public Key Policies/Certificate Services Client - Auto-Enrollment Settings
PolicySetting
Automatic certificate managementEnabled
OptionSetting
Enroll new certificates, renew expired certificates, process pending certificate requests and remove revoked certificatesEnabled
Update and manage certificates that use certificate templates from Active DirectoryEnabled
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
WSUS Publishers Self-signedWSUS Publishers Self-signed11/06/2018 14:08:26Code Signing

For additional information about individual settings, launch the Local Group Policy Object Editor.
Public Key Policies/Trusted Publishers Certificates
Issued ToIssued ByExpiration DateIntended Purposes
WSUS Publishers Self-signedWSUS Publishers Self-signed11/06/2018 14:08:26Code Signing

For additional information about individual settings, launch the Local Group Policy Object Editor.
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVB File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Certificate Rules
WSUS Publishers Self-signed
Security LevelUnrestricted
Description
Date last modified18/07/2013 21:52:52
Hash Rules
SCNotification.exe (5.0.7804.1000); SCNotification.exe; SCNotification; System Center Configuration Manager; Microsoft Corporation
Security LevelDisallowed
Description
Date last modified08/05/2013 02:53:51
SCNotification.exe (5.0.7804.1000); SCNotification.exe; SCNotification; System Center Configuration Manager; Microsoft Corporation
Security LevelDisallowed
Description
Date last modified08/05/2013 03:13:29
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified08/05/2013 02:20:05
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified08/05/2013 02:20:05
C:\Program Files (x86)\Microsoft Silverlight\
Security LevelDisallowed
DescriptionDisable Microsoft Silverlight Installation
Date last modified07/05/2024 15:24:53
C:\Program Files\Microsoft Silverlight\
Security LevelDisallowed
DescriptionDisable Silverlight installation
Date last modified07/05/2024 15:23:54
C:\Windows\CCM\SCNotification.exe
Security LevelDisallowed
Description
Date last modified08/05/2013 03:13:09
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.22
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Private Profile Settings
PolicySetting
Firewall stateOn
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Public Profile Settings
PolicySetting
Firewall stateOn
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Outbound Rules
NameDescription
Allow paywall sites TCPallow TCP ports 80,8080,443,8443 and other AD function ports. Allow all ports above 1000.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionBlock
Authorized computers
Protocol6
Local port444, 1-52, 54-79, 81-87, 89-134, 136-138, 140-388, 390-442, 446-463, 465-635, 637-999
Remote port444, 1-52, 54-79, 81-87, 89-134, 136-138, 140-388, 390-442, 446-463, 465-635, 637-999
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfilePrivate, Public
Network interface typeAll
ServiceAll programs and services
Group
Allow paywall sites UDPBlock all UDP except known ports needed for paywall sites and all ports above 1000.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionBlock
Authorized computers
Protocol17
Local port1-52, 54-66, 68-87, 89-122, 124-136, 139-388, 390-444, 446-463, 465-999
Remote port1-52, 54-66, 68-87, 89-122, 124-136, 139-388, 390-444, 446-463, 465-999
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfilePrivate, Public
Network interface typeAll
ServiceAll programs and services
Group
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Adobe AIR
PolicySettingComment
Enable Adobe Air UpdaterDisabled
Adobe Reader
PolicySettingComment
Enable Adobe Acrobat PurchasingDisabled
Enable Adobe Reader UpdaterDisabled
Citrix Components/Citrix Workspace/User authentication
PolicySettingComment
Kerberos authenticationEnabled
Local user name and passwordEnabled
Enable pass-through authenticationEnabled
Allow pass-through authentication for all ICA connections 
Use Novell Directory Server credentialsDisabled
Network/Background Intelligent Transfer Service (BITS)
PolicySettingComment
Limit the maximum network bandwidth for BITS background transfersEnabled
Limit background transfer rate (Kbps) to:200
From7 AM
to7 PM
At all other times
Use all available unused bandwidthEnabled
OR
Limit background transfer rate (Kbps) to:100
Network/Network Connections/Windows Firewall/Domain Profile
PolicySettingComment
Windows Firewall: Protect all network connectionsDisabled
Network/Network Connections/Windows Firewall/Standard Profile
PolicySettingComment
Windows Firewall: Do not allow exceptionsEnabled
Windows Firewall: Protect all network connectionsEnabled
Network/Network Provider
PolicySettingComment
Hardened UNC PathsEnabled
Specify hardened network paths. In the name field, type a fully-qualified UNC path for each network resource. To secure all access to a share with a particular name, regardless of the server name, specify a server name of '*' (asterisk). For example, "\\*\NETLOGON". To secure all access to all shares hosted on a server, the share name portion of the UNC path may be omitted. For example, "\\SERVER". In the value field, specify one or more of the following options, separated by commas: 'RequireMutualAuthentication=1': Mutual authentication between the client and server is required to ensure the client connects to the correct server. 'RequireIntegrity=1': Communication between the client and server must employ an integrity mechanism to prevent data tampering. 'RequirePrivacy=1': Communication between the client and the server must be encrypted to prevent third parties from observing sensitive data.
Hardened UNC Paths: 
\\*\*RequireIntegrity=1
You should require both Integrity and Mutual Authentication for any UNC paths that host executable programs, script files, or files that control security policies. Consider hosting files that do not require Integrity or Privacy on separate shares from those that absolutely need such security for optimal performance. For additional details on configuring Windows computers to require additional security when accessing specific UNC paths, visit http://support.microsoft.com/kb/3000483.
Network/Offline Files
PolicySettingComment
Configure Background SyncEnabled
Configure background sync:
Sync Interval (minutes)30
Sync Variance (minutes)5
Maximum Allowed Time Without A Sync (minutes)150
Blockout Start Time (HHMM)0
HHMM is a value where
HH must be between 0 and 24, and
MM must be between 0 and 59.
Blockout Duration (minutes)0
Enable Background Sync for shares in user selected "Work Offline" modeEnabled
PolicySettingComment
Turn off reminder balloonsEnabled
Printers
PolicySettingComment
Point and Print RestrictionsEnabled
Users can only point and print to these servers:Disabled
Enter fully qualified server names separated by semicolons
Users can only point and print to machines in their forestEnabled
Security Prompts:
When installing drivers for a new connection:Do not show warning or elevation prompt
When updating drivers for an existing connection:Do not show warning or elevation prompt
This setting only applies to:
Windows Vista and later
Sun Java
PolicySettingComment
Check for updates at start (non-policy)Disabled
Enable Java UpdaterDisabled
System/Driver Installation
PolicySettingComment
Allow non-administrators to install drivers for these device setup classesEnabled
Allow Users to install device drivers for these classes:
{4D36E979-E325-11CE-BFC1-08002BE10318}
{4d36e96e-e325-11ce-bfc1-08002be10318}
{4d36e96f-e325-11ce-bfc1-08002be10318}
{4658ee7e-f050-11d1-b6bd-00c04fa372a7}
To create a list of device classes, click Show. In the Show Contents dialog box, in the Value column,
type a GUID that represents a device setup class
(for example, {25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}).
System/Logon
PolicySettingComment
Always wait for the network at computer startup and logonEnabled
Do not display the Getting Started welcome screen at logonEnabled
System/Power Management/Button Settings
PolicySettingComment
Select the lid switch action (plugged in)Enabled
Lid Switch ActionTake no action
Windows Components/ActiveX Installer Service
PolicySettingComment
Approved Installation Sites for ActiveX ControlsEnabled
Host URLs 
http://aldlivap01/sts/sts.dll?vm=sun2,2,1,0x00001100
http://cmsma2riskweb/Scripts/MajorAccount.asp?2,2,1,0x00001100
http://tscluster.beazley.com/2,2,1,0x00001100
http://www.risksearch.com/Scripts/Location.asp?RMSWF_DISPID=122,2,1,0x00001100
https://usa.beazleygateway.com/+CSCOE+/portal.html2,2,1,0x00001100
Contains policy for the host URL.
For example
HostName: http://activex.microsoft.com
Value: 2,1,0,0
The value for each Host URL is four settings in CSV format.
Which represents "TPSSignedControl,SignedControl,UnsignedControl,ServerCertificatePolicy
The three left most values in the policy control the installation of ActiveX controls based on their signature.
They can be one of the following.
0: ActiveX control will not be installed
1: Prompt the user to install ActiveX control
2: ActiveX control will be silently installed
Controls signed by certificates in trusted publisher store will be silently installed
Silent installation for unsigned controls is not supported
The right most value in the policy is a bitmasked flag
The flags are used for ignoring https certificate errors.
The default value is 0.
Which means that the https connections must pass all security checks
Use the combination of the following values
to ignore invalid certificate errors
0x00000100 Ignore Unknown CA
0x00001000 Ignore invalid CN
0x00002000 Ignore invalid certificate date
0x00000200 Ignore wrong certificate usage
Windows Components/Desktop Gadgets
PolicySettingComment
Restrict unpacking and installation of gadgets that are not digitally signed.Enabled
Turn off desktop gadgetsEnabled
Turn Off user-installed desktop gadgetsEnabled
Windows Components/Desktop Window Manager
PolicySettingComment
Do not allow window animationsDisabled
Windows Components/Event Log Service/Security
PolicySettingComment
Back up log automatically when fullEnabled
Windows Components/Game Explorer
PolicySettingComment
Turn off downloading of game informationEnabled
Turn off game updatesEnabled
Windows Components/Internet Information Services
PolicySettingComment
Prevent IIS installationEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesEnabled
Windows Components/RSS Feeds
PolicySettingComment
Prevent access to feed listEnabled
Windows Components/Search
PolicySettingComment
Prevent indexing files in offline files cacheDisabled
Prevent indexing public foldersEnabled
Windows Components/Shutdown Options
PolicySettingComment
Timeout for hung logon sessions during shutdownEnabled
Hung session timeout in Minutes:1
Windows Components/Windows Defender
PolicySettingComment
Turn off Windows DefenderEnabled
Windows Components/Windows Defender/Real-time Protection
PolicySettingComment
Turn off real-time protectionEnabled
Windows Components/Windows Error Reporting
PolicySettingComment
Disable Windows Error ReportingEnabled
Windows Components/Windows Installer
PolicySettingComment
Specify the types of events Windows Installer records in its transaction logEnabled
Loggingiwearucmpvox
To activate logging, enter one or more of the modes below.
"iwearucmpvox" will log everything but adds time to the install.
i - Status messages
w - Non-fatal warnings
e - All error messages
a - Start up of actions
r - Action-specific records
u - User requests
c - Initial UI parameters
m - Out-of-memory
p - Terminal properties
v - Verbose output
o - Out of disk space messages
x - Extra debugging information
Windows Components/Windows Media Player
PolicySettingComment
Do Not Show First Use Dialog BoxesEnabled
Prevent Desktop Shortcut CreationEnabled
Prevent Quick Launch Toolbar Shortcut CreationEnabled
Windows Components/Windows SideShow
PolicySettingComment
Turn off Windows SideShowEnabled
Windows Components/Windows Update
PolicySettingComment
Allow signed updates from an intranet Microsoft update service location Enabled
Configure Automatic UpdatesDisabled
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog boxEnabled
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog boxEnabled
Re-prompt for restart with scheduled installationsEnabled
Wait the following period before
prompting again with a scheduled
restart (minutes): 240
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\Windows Defender\Signature Updates\CheckAlternateDownloadLocation0
Software\Policies\Microsoft\Windows Defender\Signature Updates\CheckAlternateHttpLocation0
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker1
Preferences
Windows Settings
Registry
EnableCertPaddingCheck (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Cryptography|Wintrust\Config
Value nameEnableCertPaddingCheck
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
EnableCertPaddingCheck (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Cryptography\Wintrust\Config
Value nameEnableCertPaddingCheck
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Collection: Registry Wizard Values/HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Syncmgr
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry item: KeepProgresslevel
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Syncmgr
Value nameKeepProgresslevel
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyYes
Control Panel Settings
Local Users and Groups
User (Name: Administrator (built-in))
Administrator (built-in) (Order: 1)
Local User
ActionUpdate
Properties
User nameAdministrator (built-in)
DescriptionLocal admin account for administering this computer
User cannot change passwordFalse
Password never expiresTrue
Account is disabledFalse
Account expiresNever
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 2)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsEnabled
Add members
BFL\BFL PCs - LocalAdminsS-1-5-21-58594938-1633628789-801526373-26922
BFL\Domain AdminsS-1-5-21-58594938-1633628789-801526373-512
BFL\Local Workstation AdministratorsS-1-5-21-58594938-1633628789-801526373-22607
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
LAPS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
LAPS
Data collected on: 23/04/2025 10:47:28
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created24/07/2017 20:20:24
Modified15/09/2020 22:35:08
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{C1EB8420-6D66-46AB-8AB6-20240D74CB4A}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
DesktopsNoEnabledbfl.local/Accounts Computer/Desktops
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\App.LAPS.Testing
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\App.LAPS.TestingRead (from Security Filtering)No
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
LAPS
PolicySettingComment
Do not allow password expiration time longer than required by policyEnabled
Enable local admin password managementEnabled
Name of administrator account to manageEnabled
Administrator account namentmaster
PolicySettingComment
Password SettingsEnabled
Password ComplexityLarge letters + small letters + numbers + specials
Password Length14
Password Age (Days)180
User Configuration (Disabled)
No settings defined.
BFL Screen Saver Policy - RMS exception
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Screen Saver Policy - RMS exception
Data collected on: 23/04/2025 10:47:28
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/02/2018 14:31:00
Modified15/09/2020 22:40:44
User Revisions3 (AD), 3 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{98EF47F7-BFF5-4F0E-B4E6-ED46D06EA827}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS
RMSNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Password protect the screen saverEnabled
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:7200
CItrix ShareFile DriveMapper
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CItrix ShareFile DriveMapper
Data collected on: 23/04/2025 10:47:28
General
Details
Domainbfl.local
OwnerBFL\Ultima
Created19/02/2018 16:37:04
Modified15/09/2020 22:41:00
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions7 (AD), 7 (SYSVOL)
Unique ID{090B6249-9DEB-4B1E-89C2-CA9429AFF39F}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsEdit settings, delete, modify securityNo
BFL\Enterprise AdminsEdit settings, delete, modify securityNo
BFL\UltimaEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
ShareFile/Drive Mapper
PolicySettingComment
Cache SizeEnabled
Cache Size250
PolicySettingComment
Delete CacheDisabled
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
ShareFile/Drive Mapper
PolicySettingComment
AccountEnabled
Accountbeazley.sharefile.com
GBL Windows 10 Lite Policy 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Windows 10 Lite Policy 1.0
Data collected on: 23/04/2025 10:47:28
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created27/05/2016 16:59:18
Modified15/09/2020 22:44:34
User Revisions23 (AD), 23 (SYSVOL)
Computer Revisions17 (AD), 17 (SYSVOL)
Unique ID{BD710B5A-6FA1-4B4D-9938-65B41AC30E7B}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
System Services
Remote Registry (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/DNS Client
PolicySettingComment
DNS suffix search listEnabled
DNS Suffixes:bfl.local,beazleydev.local
Start Menu and Taskbar
PolicySettingComment
Start LayoutEnabled
Start Layout File\\bfl.local\SYSVOL\bfl.local\scripts\WIN10\LiteStartMenu.xml
System/Power Management/Button Settings
PolicySettingComment
Select the lid switch action (on battery)Enabled
Lid Switch ActionTake no action
PolicySettingComment
Select the lid switch action (plugged in)Enabled
Lid Switch ActionTake no action
Windows Components/Microsoft Edge
PolicySettingComment
Send all intranet sites to Internet Explorer 11Enabled
Windows Components/OneDrive
PolicySettingComment
Prevent the usage of OneDrive for file storageEnabled
Preferences
Control Panel Settings
Power Options
Power Plan (At least Windows 7) (Name: Balanced)
Power Plan (Windows Vista and later) (Order: 1)
Properties
ActionUpdate
Make this the active Power Plan:Enabled
NameBalanced
When computer is:Plugged inRunning on batteries
Require a password on wakeup:YesYes
Turn off hard disk after:NeverNever
Sleep after:NeverNever
Allow hybrid sleep:OffOff
Hibernate after:NeverNever
Lid close action:Do nothingDo nothing
Power button action:ShutdownShutdown
Start menu power button:HibernateHibernate
Link State Power Management:Moderate power savingsMaximum power savings
Minimum processor state:After 5 minutesAfter 5 minutes
Maximum processor state:After 100 minutesAfter 100 minutes
Turn off display after:After 10 minutesAfter 5 minutes
Adaptive display:OnOn
Critical battery action:Do nothingHibernate
Low battery level:After 10 minutesAfter 10 minutes
Critical battery level:After 5 minutesAfter 5 minutes
Low battery notification:OffOff
Low battery action:Do nothingDo nothing
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Force specific screen saverEnabled
Screen saver executable namec:\windows\SysWOW64\Beazley.scr
PolicySettingComment
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:900
System/Removable Storage Access
PolicySettingComment
Removable Disks: Deny write accessEnabled
Windows Components/Internet Explorer/Internet Control Panel/Security Page
PolicySettingComment
Site to Zone Assignment ListEnabled
Enter the zone assignments here. 
https://sts.beazley.com1
Citrix VDA Developer VDI User Settings
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix VDA Developer VDI User Settings
Data collected on: 23/04/2025 10:47:29
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created29/03/2018 16:43:00
Modified15/09/2020 22:44:54
User Revisions3 (AD), 3 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{9A076AAA-6B91-446B-A1C5-077C8F947651}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Folder Redirection
Desktop
Setting: Basic (Redirect everyone's folder to the same location)
Path: %homeshare%\Desktop
Options
Grant user exclusive rights to DesktopEnabled
Move the contents of Desktop to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Documents
Setting: Basic (Redirect everyone's folder to the same location)
Path: %homeshare%\My Documents
Options
Grant user exclusive rights to DocumentsEnabled
Move the contents of Documents to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Favorites
Setting: Basic (Redirect everyone's folder to the same location)
Path: %homeshare%\Citrix\Favorites
Options
Grant user exclusive rights to FavoritesEnabled
Move the contents of Favorites to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Password protect the screen saverEnabled
Prevent changing screen saverEnabled
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:600
Desktop/Desktop
PolicySettingComment
Desktop WallpaperEnabled
Wallpaper Name:C:\Program Files (x86)\Beazley\beazley_desktop_world_img_1920.jpg
Example: Using a local path: C:\windows\web\wallpaper\home.jpg
Example: Using a UNC path: \\Server\Share\Corp.jpg
Wallpaper Style:Center
Preferences
Windows Settings
Drive Maps
Drive Map (Drive: T)
T: (Order: 1)
General
ActionCreate
Properties
LetterT
Location\\bfl.local\ukdata\temp
ReconnectDisabled
Label asTemp
Use first availableDisabled
Hide/Show this driveNo change
Hide/Show all drivesNo change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CVAD-GL-GPO Loopback-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-GPO Loopback-CP
Data collected on: 23/04/2025 10:47:29
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/09/2018 10:59:04
Modified07/04/2021 10:59:08
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{49ED5671-78E5-4624-8B1F-FFE0D53A96CC}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley DEV Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
US Beazley HSD Desktop LGCNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop LGC
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
US Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley P-VDI Desktop DEV - W11 - TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11 - TPL
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop ENG - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG - W11
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop ENG - W22NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG - W22
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop PRD - W22NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD - W22
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
RMS DesktopsNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/RMS Desktops
EU Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley DEV Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
US Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
User Configuration (Disabled)
No settings defined.
UK CTX-On Prem VDA-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK CTX-On Prem VDA-CP
Data collected on: 23/04/2025 10:47:29
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/09/2018 10:58:46
Modified15/09/2020 22:48:28
User Revisions3 (AD), 3 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{DE745A0F-A000-4EBF-A8A2-B3E68693113F}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Registry
ListOfDDCs (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Citrix\VirtualDesktopAgent
Value nameListOfDDCs
Value typeREG_SZ
Value dataUKPRXA080 UKPRXA081 UKPRXA082 IEPRXA080 IEPRXA081 IEPRXA082
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
Citrix Cloud all VDAs UK
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix Cloud all VDAs UK
Data collected on: 23/04/2025 10:47:29
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created29/08/2018 15:49:34
Modified15/09/2020 22:49:00
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{E93F5E9E-0DBD-401E-83FB-3673541F7C11}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
Citrix VDA All Users (including admins)
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix VDA All Users (including admins)
Data collected on: 23/04/2025 10:47:29
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created25/11/2015 10:42:28
Modified15/09/2020 22:49:38
User Revisions30 (AD), 30 (SYSVOL)
Computer Revisions23 (AD), 23 (SYSVOL)
Unique ID{524414F1-F05E-4707-8BC7-68358ED8E78A}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Preferences
Windows Settings
Registry
Serialize (Order: 1)
General
ActionDelete
Properties
HiveHKEY_CURRENT_USER
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\Serialize
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
UK CTX-UK Beazley Desktop PIO-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK CTX-UK Beazley Desktop PIO-CP
Data collected on: 23/04/2025 10:47:29
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created24/10/2018 12:33:28
Modified15/09/2020 22:49:40
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions12 (AD), 12 (SYSVOL)
Unique ID{15D67CD8-F7C5-47DC-9EF1-F69C2F76E964}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
User Configuration (Disabled)
No settings defined.
UK CTX-UK Beazley Desktop PRD-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK CTX-UK Beazley Desktop PRD-CP
Data collected on: 23/04/2025 10:47:29
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created24/10/2018 12:34:22
Modified15/09/2020 22:49:40
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions12 (AD), 12 (SYSVOL)
Unique ID{369CBD20-9353-4D30-B32A-BB236EB854D2}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
User Configuration (Disabled)
No settings defined.
US CTX-GPO Loopback-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US CTX-GPO Loopback-CP
Data collected on: 23/04/2025 10:47:29
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/11/2018 19:32:38
Modified15/09/2020 22:50:16
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{D7A7F43E-1B21-4F0A-9848-D6B9B0FAC677}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
User Configuration (Disabled)
No settings defined.
US CTX-On Prem VDA-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US CTX-On Prem VDA-CP
Data collected on: 23/04/2025 10:47:30
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/11/2018 19:33:02
Modified15/09/2020 22:50:16
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{BE97E0EA-F432-46A6-813E-544CAE49B451}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Registry
ListOfDDCs (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Citrix\VirtualDesktopAgent
Value nameListOfDDCs
Value typeREG_SZ
Value dataUSPRXA080 USPRXA081 USPRXA082 USPRXA083
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
US CTX-US Beazley Desktop ENG-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US CTX-US Beazley Desktop ENG-CP
Data collected on: 23/04/2025 10:47:30
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/11/2018 19:33:50
Modified15/09/2020 22:50:16
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions13 (AD), 13 (SYSVOL)
Unique ID{EC868087-1747-4704-BF89-70B64E947D62}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
User Configuration (Disabled)
No settings defined.
US CTX-US Beazley Desktop PIO-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US CTX-US Beazley Desktop PIO-CP
Data collected on: 23/04/2025 10:47:30
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/11/2018 19:34:16
Modified15/09/2020 22:50:16
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions13 (AD), 13 (SYSVOL)
Unique ID{F53E6BD2-955C-478D-BEE2-DF13EB44321E}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
User Configuration (Disabled)
No settings defined.
US CTX-US Beazley Desktop PRD-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US CTX-US Beazley Desktop PRD-CP
Data collected on: 23/04/2025 10:47:30
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/11/2018 19:34:36
Modified15/09/2020 22:50:16
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions13 (AD), 13 (SYSVOL)
Unique ID{2ADF3339-F434-41A8-8435-BE9809F7A77E}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
User Configuration (Disabled)
No settings defined.
CVAD-EU-Server OS-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU-Server OS-CP
Data collected on: 23/04/2025 10:47:30
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/09/2018 10:59:48
Modified03/02/2023 11:32:24
User Revisions19 (AD), 19 (SYSVOL)
Computer Revisions40 (AD), 40 (SYSVOL)
Unique ID{05D75CAA-F4C9-4FA8-B166-33704D2F58E7}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Server OSNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS
Server OSNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit logon eventsSuccess
Audit process trackingSuccess, Failure
Local Policies/Security Options
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (always)Enabled
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (always)Enabled
Microsoft network server: Digitally sign communications (if client agrees)Enabled
Network Access
PolicySetting
Network access: Do not allow anonymous enumeration of SAM accounts and sharesEnabled
Network Security
PolicySetting
Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Network security: Minimum session security for NTLM SSP based (including secure RPC) serversEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Other
PolicySetting
Accounts: Block Microsoft accountsUsers can't add Microsoft accounts
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Citrix Workspace/StoreFront
PolicySettingComment
NetScaler Gateway URL/StoreFront Accounts ListEnabled
Enter the NetScaler Gateway/StoreFront account details here:
AppPubStore;https://citrix/Citrix/AppPub/discovery;On;Store for Published Apps
System/User Profiles
PolicySettingComment
Delete cached copies of roaming profilesEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Licensing
PolicySettingComment
Set the Remote Desktop licensing modeEnabled
Specify the licensing mode for the RD Session Host server.Per User
PolicySettingComment
Use the specified Remote Desktop license serversEnabled
License servers to use:eulonctxlic01.bfl.local
Separate license server names with commas.
Example: Server1,Server2.example.com,192.168.1.1
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for active but idle Remote Desktop Services sessionsEnabled
Idle session limit:6 hours
PolicySettingComment
Set time limit for disconnected sessionsEnabled
End a disconnected session1 day
Preferences
Windows Settings
Registry
Collection: CUAgent Service Recovery/HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/cuAgent
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry item: FailureActions
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\cuAgent
Value nameFailureActions
Value typeREG_BINARY
Value data00000000000000000000000003000000140000000100000060EA00000100000060EA00000100000060EA0000
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Services
Service (Name: WSearch)
WSearch (Order: 1)
General
Service nameWSearch
ActionNo change
Startup type:Automatic (Delayed Start)
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Service (Name: cuAgent)
cuAgent (Order: 2)
General
Service namecuAgent
ActionNo change
Startup type:No change
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:Restart the service
Second failure:Restart the service
Subsequent failures:Restart the service
Reset fail count after:0 days
Restart service after:1 minute
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
BFL loopback processing
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL loopback processing
Data collected on: 23/04/2025 10:47:30
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created22/10/2013 10:33:14
Modified15/09/2020 22:50:36
User Revisions3 (AD), 3 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{F653355C-A305-46BA-AB56-BDFBB2DDA468}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
DesktopsNoDisabledbfl.local/Accounts Computer/Desktops
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
User Configuration (Enabled)
No settings defined.
Default Server Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Default Server Policy
Data collected on: 23/04/2025 10:47:31
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created13/03/2013 00:17:36
Modified02/07/2024 15:03:38
User Revisions7 (AD), 7 (SYSVOL)
Computer Revisions98 (AD), 98 (SYSVOL)
Unique ID{57583677-DC27-4FFF-B2D4-C2A7F66BADAB}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions
ServersNoEnabledbfl.local/Accounts Computer/Servers
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Singapore/Servers & Exceptions

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
User Account Control
PolicySetting
User Account Control: Admin Approval Mode for the Built-in Administrator accountDisabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktopDisabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModePrompt for consent for non-Windows binaries
User Account Control: Behavior of the elevation prompt for standard usersPrompt for credentials
User Account Control: Detect application installations and prompt for elevationEnabled
User Account Control: Only elevate executables that are signed and validatedDisabled
User Account Control: Only elevate UIAccess applications that are installed in secure locationsEnabled
User Account Control: Run all administrators in Admin Approval ModeEnabled
User Account Control: Switch to the secure desktop when prompting for elevationEnabled
User Account Control: Virtualize file and registry write failures to per-user locationsEnabled
System Services
Windows Remote Management (WS-Management) (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.10
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Private Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Public Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Inbound Rules
NameDescription
Windows Remote Management (HTTP-In)Inbound rule for Windows Remote Management via WS-Management. [TCP 5985]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port5985
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupWindows Remote Management (Compatibility)
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Network Connections/Windows Firewall/Domain Profile
PolicySettingComment
Windows Firewall: Protect all network connectionsDisabled
Network/Network Provider
PolicySettingComment
Hardened UNC PathsEnabled
Specify hardened network paths. In the name field, type a fully-qualified UNC path for each network resource. To secure all access to a share with a particular name, regardless of the server name, specify a server name of '*' (asterisk). For example, "\\*\NETLOGON". To secure all access to all shares hosted on a server, the share name portion of the UNC path may be omitted. For example, "\\SERVER". In the value field, specify one or more of the following options, separated by commas: 'RequireMutualAuthentication=1': Mutual authentication between the client and server is required to ensure the client connects to the correct server. 'RequireIntegrity=1': Communication between the client and server must employ an integrity mechanism to prevent data tampering. 'RequirePrivacy=1': Communication between the client and the server must be encrypted to prevent third parties from observing sensitive data.
Hardened UNC Paths: 
\\bfl.local\SYSVOLRequireMutualAuthentication=1, RequireIntegrity=1
\\bfl.local\NETLOGONRequireMutualAuthentication=1, RequireIntegrity=1
You should require both Integrity and Mutual Authentication for any UNC paths that host executable programs, script files, or files that control security policies. Consider hosting files that do not require Integrity or Privacy on separate shares from those that absolutely need such security for optimal performance. For additional details on configuring Windows computers to require additional security when accessing specific UNC paths, visit http://support.microsoft.com/kb/3000483.
System/Server Manager
PolicySettingComment
Do not display Initial Configuration Tasks window automatically at logonEnabled
Do not display Server Manager automatically at logonEnabled
Windows Components/Internet Explorer
PolicySettingComment
Prevent running First Run wizardEnabled
Select your choiceGo directly to home page
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesEnabled
Windows Components/Windows Remote Management (WinRM)/WinRM Service
PolicySettingComment
Allow remote server management through WinRMEnabled
IPv4 filter:*
IPv6 filter:*
Syntax:
Type "*" to allow messages from any IP address, or leave the
field empty to listen on no IP address. You can specify one
or more ranges of IP addresses.
Example IPv4 filters:
2.0.0.1-2.0.0.20, 24.0.0.1-24.0.0.22
*
Example IPv6 filters:
3FFE:FFFF:7654:FEDA:1245:BA98:0000:0000-3FFE:FFFF:7654:FEDA:1245:BA98:3210:4562
*
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog boxEnabled
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog boxEnabled
Preferences
Windows Settings
Registry
DisableShowAtLogon (Order: 1)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Policies\Microsoft\Windows NT\CurrentVersion\MYS
Value nameDisableShowAtLogon
Value typeREG_BINARY
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
IsInstalled (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}
Value nameIsInstalled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Local Users and Groups
User (Name: Administrator (built-in))
Administrator (built-in) (Order: 1)
Local User
ActionUpdate
Properties
User nameAdministrator (built-in)
Rename toBFL
User cannot change passwordFalse
Password never expiresTrue
Account is disabledFalse
Account expiresNever
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
US CTX-Server OS-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US CTX-Server OS-CP
Data collected on: 23/04/2025 10:47:31
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/11/2018 19:33:26
Modified25/03/2021 13:19:26
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions12 (AD), 12 (SYSVOL)
Unique ID{92D0BC5D-DF1D-4FE1-A2EB-9FBBD9F770B5}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Doc1 WorkstationsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions/Application Servers/Doc1 Workstations

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/User Profiles
PolicySettingComment
Delete cached copies of roaming profilesEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Licensing
PolicySettingComment
Set the Remote Desktop licensing modeEnabled
Specify the licensing mode for the RD Session Host server.Per User
PolicySettingComment
Use the specified Remote Desktop license serversEnabled
License servers to use:eulonctxlic01.bfl.local
Separate license server names with commas.
Example: Server1,Server2.example.com,192.168.1.1
User Configuration (Disabled)
No settings defined.
Server.GBL.HardenedUNCPaths
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Server.GBL.HardenedUNCPaths
Data collected on: 23/04/2025 10:47:31
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created04/02/2019 10:13:32
Modified15/09/2020 22:54:14
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{0E4FD0CC-544C-47DE-8569-C2D48F70C4A4}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions
Domain ControllersNoEnabledbfl.local/Domain Controllers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Network Provider
PolicySettingComment
Hardened UNC PathsEnabled
Specify hardened network paths. In the name field, type a fully-qualified UNC path for each network resource. To secure all access to a share with a particular name, regardless of the server name, specify a server name of '*' (asterisk). For example, "\\*\NETLOGON". To secure all access to all shares hosted on a server, the share name portion of the UNC path may be omitted. For example, "\\SERVER". In the value field, specify one or more of the following options, separated by commas: 'RequireMutualAuthentication=1': Mutual authentication between the client and server is required to ensure the client connects to the correct server. 'RequireIntegrity=1': Communication between the client and server must employ an integrity mechanism to prevent data tampering. 'RequirePrivacy=1': Communication between the client and the server must be encrypted to prevent third parties from observing sensitive data.
Hardened UNC Paths: 
\\bfl.local\SYSVOLRequireMutualAuthentication=1, RequireIntegrity=1
\\bfl.local\NETLOGONRequireMutualAuthentication=1, RequireIntegrity=1
You should require both Integrity and Mutual Authentication for any UNC paths that host executable programs, script files, or files that control security policies. Consider hosting files that do not require Integrity or Privacy on separate shares from those that absolutely need such security for optimal performance. For additional details on configuring Windows computers to require additional security when accessing specific UNC paths, visit http://support.microsoft.com/kb/3000483.
User Configuration (Disabled)
No settings defined.
ReedMac Desktop 1.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
ReedMac Desktop 1.0
Data collected on: 23/04/2025 10:47:31
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created04/03/2019 13:21:38
Modified15/09/2020 22:55:22
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{AE7A300D-57CD-4ED7-9C9B-310F696BD42A}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Network Security
PolicySetting
Network security: LAN Manager authentication levelSend NTLMv2 response only
User Configuration (Disabled)
No settings defined.
RDS Licensing for RPA
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
RDS Licensing for RPA
Data collected on: 23/04/2025 10:47:31
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created03/04/2019 21:58:40
Modified10/03/2021 08:55:18
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions5 (AD), 5 (SYSVOL)
Unique ID{C558468C-E80B-4611-9D5B-C98D7ED5D843}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
DevelopmentNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions/Development
DevelopmentNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Development

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\gpo.server.RPA.RDS
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\gpo.server.RPA.RDSRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Licensing
PolicySettingComment
Set the Remote Desktop licensing modeEnabled
Specify the licensing mode for the RD Session Host server.Per User
PolicySettingComment
Use the specified Remote Desktop license serversEnabled
License servers to use:eulonctxlic01.bfl.local,eudubctxlic01.bfl.local
Separate license server names with commas.
Example: Server1,Server2.example.com,192.168.1.1
User Configuration (Disabled)
No settings defined.
UK CTX-Cloud VDA-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK CTX-Cloud VDA-CP
Data collected on: 23/04/2025 10:47:31
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created17/04/2019 11:07:18
Modified15/09/2020 22:57:36
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{FCE43714-CDD9-48A4-9024-4AAA0E45BE0C}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Registry
ListOfDDCs (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Citrix\VirtualDesktopAgent
Value nameListOfDDCs
Value typeREG_SZ
Value dataUKPRXA070 UKPRXA071 IEPRXA070 IEPRXA071
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
BFL Wired Lan Settings
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Wired Lan Settings
Data collected on: 23/04/2025 10:47:31
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created01/05/2019 16:43:18
Modified15/09/2020 22:58:14
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions15 (AD), 15 (SYSVOL)
Unique ID{E203C01F-7E52-42CB-8CEE-03A394D76828}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
UKNoEnabledbfl.local/Accounts Computer/Desktops/UK
USNoEnabledbfl.local/Accounts Computer/Desktops/US

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Wired Network (802.3) Policies
Beazley Internal Lan
NameBeazley Internal Lan
DescriptionWired Profile for 802.1x
Global Settings
SettingValue
Use Windows wired LAN network services for clientsEnabled
Shared user credentials for network authenticationEnabled
Network Profile
Security Settings
Enable use of IEEE 802.1X authentication for network accessEnabled
Enforce use of IEEE 802.1X authentication for network accessDisabled
IEEE 802.1X Settings
Cache user information for subsequent connections to this networkDisabled
Computer AuthenticationComputer only
Maximum Authentication Failures1
Maximum EAPOL-Start Messages Sent
Held Period (seconds)
Start Period (seconds)
Authentication Period (seconds)
Network Authentication Method Properties
Authentication methodSmart card or certificate
Validate server certificateDisabled
Use a certificate on this computerEnabled
Use simple certificate selectionEnabled
Use a different username for the connectionDisabled
Public Key Policies/Automatic Certificate Request Settings
Automatic Certificate Request
Computer

For additional information about individual settings, launch the Local Group Policy Object Editor.
Preferences
Control Panel Settings
Services
Service (Name: dot3svc)
dot3svc (Order: 1)
General
Service namedot3svc
ActionStart service
Startup type:Automatic
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
BFL WIFI Settings
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL WIFI Settings
Data collected on: 23/04/2025 10:47:32
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created02/05/2019 16:45:30
Modified15/09/2020 22:58:18
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{1C31C0A3-602E-43B1-90BD-30004DCC8D3B}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Wireless Network (802.11) Policies
Beazley Internal WLAN
Policy NameBeazley Internal WLAN
Policy Description
Policy TypeWindows Vista and Later Releases
Global Settings
Use Windows wireless LAN network services for clientsEnabled
Shared user credentials for network authenticationEnabled
Hosted networksEnabled
Allow user to view denied networksEnabled
Allow everyone to create all user profilesEnabled
Only use Group Policy profiles for allowed networksDisabled
Network Filters
Prevent connection to infrastructure networksDisabled
Prevent connection to adhoc networksDisabled
Allowed Networks
Network Name (SSID)Network Type
WiFi-PInfrastructure
Wireless-PInfrastructure
Preferred Network Profiles
WiFi-P
Profile NameWiFi-P
Network TypeInfrastructure
Automatically connect to this networkEnabled
Automatically switch to a more preferred networkDisabled
  
Network Name (SSID)Network Broadcasts its SSID
WiFi-PFalse
Security Settings
AuthenticationWPA2
EncryptionAES
Use 802.1XEnabled
Pairwise Master Key (PMK) CachingEnabled
PMK Time-to-Live (minutes)720
Number of Entries in PMK Cache128
Maximum Pre-authentication Failures3
IEEE 802.1X Settings
Computer AuthenticationComputer only
Maximum Authentication Failures1
Maximum EAPOL-Start Messages Sent
Held Period (seconds)
Start Period (seconds)
Authentication Period (seconds)
Network Authentication Method Properties
Authentication methodSmart card or certificate
Validate server certificateEnabled
Connect to these servershybrid.beazley.com
Trusted Root Certification AuthoritiesDigiCert Global Root CA
Do not prompt user to authorize new servers or trusted certification authoritiesEnabled
Use a certificate on this computerEnabled
Use simple certificate selectionEnabled
Use a different username for the connectionDisabled
Wireless-P
Profile NameWireless-P
Network TypeInfrastructure
Automatically connect to this networkEnabled
Automatically switch to a more preferred networkEnabled
  
Network Name (SSID)Network Broadcasts its SSID
Wireless-PFalse
Security Settings
AuthenticationWPA2
EncryptionAES
Use 802.1XEnabled
Pairwise Master Key (PMK) CachingEnabled
PMK Time-to-Live (minutes)720
Number of Entries in PMK Cache128
Maximum Pre-authentication Failures3
IEEE 802.1X Settings
Computer AuthenticationUser re-authentication
Maximum Authentication Failures1
Maximum EAPOL-Start Messages Sent3
Held Period (seconds)1
Start Period (seconds)5
Authentication Period (seconds)18
Network Authentication Method Properties
Authentication methodProtected EAP (PEAP)
Validate server certificateDisabled
Enable fast reconnectEnabled
Disconnect if server does not present cryptobinding TLVDisabled
Enforce network access protectionDisabled
Authentication Method Configuration
Authentication methodSecured password (EAP-MSCHAP v2)
Automatically use my Windows logon name and password(and domain if any)Enabled
User Configuration (Enabled)
No settings defined.
BFL Domain Controller Cert Enrolment
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Domain Controller Cert Enrolment
Data collected on: 23/04/2025 10:47:32
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/05/2019 16:22:08
Modified15/09/2020 22:58:42
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{34505B2C-4592-4670-AAF0-3651D947F949}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Domain ControllersNoEnabledbfl.local/Domain Controllers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
S-1-5-21-58594938-1633628789-801526373-63083
S-1-5-21-58594938-1633628789-801526373-89083
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-63083Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-89083Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Public Key Policies/Certificate Services Client - Auto-Enrollment Settings
PolicySetting
Automatic certificate managementEnabled
OptionSetting
Enroll new certificates, renew expired certificates, process pending certificate requests and remove revoked certificatesEnabled
Update and manage certificates that use certificate templates from Active DirectoryEnabled
User Configuration (Disabled)
No settings defined.
GBL Root Certificates
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Root Certificates
Data collected on: 23/04/2025 10:47:32
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created25/06/2019 14:01:18
Modified15/09/2020 23:00:42
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{7D8A6749-D9D3-48C4-BC99-05F9A61CA772}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
DesktopsNoEnabledbfl.local/Accounts Computer/Desktops
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
AAA Certificate ServicesAAA Certificate Services31/12/2028 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
AC Raíz Certicámara S.A.AC Raíz Certicámara S.A.24/05/2031 19:39:46Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security IKE intermediate, IP security tunnel termination, IP security user, IP security end system
AC Raíz Certicámara S.A.AC Raíz Certicámara S.A.02/04/2030 22:42:02Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security IKE intermediate, IP security tunnel termination, IP security user, IP security end system
AC RAIZ DNIEAC RAIZ DNIE08/02/2036 22:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
AC RAIZ FNMT-RCMAC RAIZ FNMT-RCM01/01/2030 00:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
AC RAIZ FNMT-RCMAC RAIZ FNMT-RCM01/01/2030 00:00:00Server Authentication, Client Authentication, Secure Email, Time Stamping, Document Signing
AC1 RAIZ MTINAC1 RAIZ MTIN03/11/2019 16:17:45Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
ACA ROOTACA ROOT27/05/2041 11:58:51Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
ACCVRAIZ1ACCVRAIZ131/12/2030 09:37:37Server Authentication, Client Authentication, Secure Email, Code Signing
ACEDICOM RootACEDICOM Root13/04/2028 17:24:22Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
ACNLBACNLB15/05/2023 13:22:45Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, Document Signing, OCSP Signing
Actalis Authentication CA G1Actalis Authentication CA G125/06/2022 15:06:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Actalis Authentication Root CAActalis Authentication Root CA22/09/2030 12:22:02Server Authentication, Client Authentication, Secure Email, Time Stamping, Code Signing
AddTrust External CA RootAddTrust External CA Root30/05/2020 11:48:38Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Admin-Root-CAAdmin-Root-CA10/11/2021 07:51:07Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, OCSP Signing, Encrypting File System, IP security tunnel termination, IP security user, IP security IKE intermediate
AffirmTrust CommercialAffirmTrust Commercial31/12/2030 14:06:06Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
AffirmTrust NetworkingAffirmTrust Networking31/12/2030 14:08:24Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
AffirmTrust PremiumAffirmTrust Premium31/12/2040 14:10:36Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
AffirmTrust Premium ECCAffirmTrust Premium ECC31/12/2040 14:20:24Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Amazon Root CA 1Amazon Root CA 117/01/2038 00:00:00Server Authentication, Client Authentication, Secure Email, Time Stamping, Encrypting File System, Document Signing
Amazon Root CA 2Amazon Root CA 226/05/2040 01:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
Amazon Root CA 3Amazon Root CA 326/05/2040 01:00:00Server Authentication, Client Authentication, Secure Email, Time Stamping, Encrypting File System, Document Signing
Amazon Root CA 4Amazon Root CA 426/05/2040 01:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
America Online Root Certification Authority 1America Online Root Certification Authority 119/11/2037 20:43:00Code Signing
ANCERT Certificados CGNANCERT Certificados CGN11/02/2024 17:27:12Server Authentication, Client Authentication, Secure Email, Code Signing, IP security user, Time Stamping, OCSP Signing
ANCERT Certificados CGN V2ANCERT Certificados CGN V225/05/2030 17:31:23Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Document Signing
ANCERT Certificados NotarialesANCERT Certificados Notariales11/02/2024 15:58:26Server Authentication, Client Authentication, Secure Email, Code Signing, IP security user, Time Stamping, OCSP Signing
ANCERT Certificados Notariales V2ANCERT Certificados Notariales V225/05/2030 17:56:14Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Document Signing
ANCERT Corporaciones de Derecho PublicoANCERT Corporaciones de Derecho Publico11/02/2024 17:22:45Server Authentication, Client Authentication, Secure Email, Code Signing, IP security user, Time Stamping, OCSP Signing
ANF Global Root CAANF Global Root CA05/06/2033 18:45:29Server Authentication, Client Authentication
ANF Server CAANF Server CA30/11/2021 23:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Application CA G3 RootApplication CA G3 Root03/06/2034 15:59:59Time Stamping, Server Authentication, Secure Email, Code Signing
Application CA G4 RootApplication CA G4 Root15/02/2037 14:59:59Server Authentication, Secure Email, Code Signing
ApplicationCA2 RootApplicationCA2 Root12/03/2033 15:00:00Server Authentication, Code Signing, Time Stamping
ATHEX Root CAATHEX Root CA17/10/2030 22:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Encrypting File System
ATHEX Root CA G2ATHEX Root CA G214/03/2036 22:00:00Server Authentication, Secure Email, Time Stamping, Document Signing
Atos TrustedRoot 2011Atos TrustedRoot 201131/12/2030 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user, OCSP Signing
A-Trust-nQual-03A-Trust-nQual-0323/07/2025 09:38:29Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user, IP security IKE intermediate, OCSP Signing
A-Trust-Qual-02A-Trust-Qual-0201/07/2024 10:23:33Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
A-Trust-Root-05A-Trust-Root-0520/09/2023 12:24:11Server Authentication, Client Authentication, Secure Email, Code Signing
Australian Defence Public Root CAAustralian Defence Public Root CA28/11/2036 22:13:48Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user, IP security end system
Autoridad Certificadora Raiz de la Secretaria de EconomiaAutoridad Certificadora Raiz de la Secretaria de Economia08/05/2025 01:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Autoridad Certificadora Raíz Nacional de UruguayAutoridad Certificadora Raíz Nacional de Uruguay29/10/2031 15:02:49Server Authentication, Client Authentication, Code Signing, Time Stamping, Secure Email, IP security user, Document Signing
Autoridad de Certificacion de la AbogaciaAutoridad de Certificacion de la Abogacia13/06/2030 23:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
Autoridad de Certificacion Firmaprofesional CIF A62634068Autoridad de Certificacion Firmaprofesional CIF A6263406831/12/2030 08:38:15Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Autoridad de Certificacion Raiz del Estado VenezolanoAutoridad de Certificacion Raiz del Estado Venezolano23/12/2030 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Autoridad de Certificacion Raiz del Estado VenezolanoAutoridad de Certificacion Raiz del Estado Venezolano11/02/2027 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Autoridade Certificadora Raiz Brasileira v1Autoridade Certificadora Raiz Brasileira v129/07/2021 20:17:10Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Autoridade Certificadora Raiz Brasileira v2Autoridade Certificadora Raiz Brasileira v221/06/2023 20:04:57Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, IP security tunnel termination, IP security user, Encrypting File System
Autoridade Certificadora Raiz Brasileira v5Autoridade Certificadora Raiz Brasileira v502/03/2029 23:59:38Time Stamping, Document Signing, Client Authentication, Secure Email
Baltimore CyberTrust RootBaltimore CyberTrust Root13/05/2025 00:59:00Server Authentication, Secure Email, Client Authentication, Code Signing, OCSP Signing, Time Stamping
Buypass Class 2 Root CABuypass Class 2 Root CA26/10/2040 09:38:03Server Authentication, Client Authentication, OCSP Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Buypass Class 3 Root CABuypass Class 3 Root CA26/10/2040 09:28:58Server Authentication, Client Authentication, OCSP Signing, Secure Email, Time Stamping
BYTE Root Certification Authority 001BYTE Root Certification Authority 00110/09/2039 23:01:54Client Authentication, Secure Email, Code Signing, Time Stamping, Document Signing
CA DATEV BT 02CA DATEV BT 0202/08/2019 09:59:44Client Authentication, Secure Email, Time Stamping, Encrypting File System, OCSP Signing, Document Signing
CA DATEV BT 03CA DATEV BT 0302/08/2022 08:40:59Client Authentication, Secure Email, Time Stamping, OCSP Signing, Encrypting File System, Document Signing
CA DATEV INT 02CA DATEV INT 0202/08/2019 09:59:44Client Authentication, Secure Email, Time Stamping, Encrypting File System, OCSP Signing, Document Signing
CA DATEV INT 03CA DATEV INT 0302/08/2022 08:40:59Client Authentication, Secure Email, Time Stamping, OCSP Signing, Encrypting File System, Document Signing
CA DATEV STD 02CA DATEV STD 0202/08/2019 09:59:44Client Authentication, Secure Email, Time Stamping, Encrypting File System, OCSP Signing, Document Signing
CA DATEV STD 03CA DATEV STD 0302/08/2022 08:40:59Client Authentication, Secure Email, Time Stamping, OCSP Signing, Encrypting File System, Document Signing
CA Disig Root R1CA Disig Root R119/07/2042 10:06:56Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System
CA Disig Root R2CA Disig Root R219/07/2042 10:15:30Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System
CA WoSign ECC RootCA WoSign ECC Root08/11/2044 00:58:58Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
CA 沃通根证书CA 沃通根证书08/08/2039 02:00:01Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
CAEDICOM RootCAEDICOM Root21/05/2034 11:20:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Document Signing
CCA India 2014CCA India 201405/03/2024 10:10:49Client Authentication, Secure Email, Time Stamping, Encrypting File System, Document Signing
CCA India 2015 SPLCCA India 2015 SPL29/01/2025 11:36:43Server Authentication, Client Authentication, Secure Email, Time Stamping, Encrypting File System, Document Signing, Code Signing
Certeurope Root CA 2Certeurope Root CA 227/03/2037 23:00:00Server Authentication, Client Authentication, Secure Email, Time Stamping
Certification Authority of WoSignCertification Authority of WoSign08/08/2039 02:00:01Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Certification Authority of WoSign G2Certification Authority of WoSign G208/11/2044 00:58:58Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
CertignaCertigna29/06/2027 16:13:05Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, OCSP Signing, IP security tunnel termination, IP security user, IP security IKE intermediate
Certigna Root CACertigna Root CA01/10/2033 09:32:27Client Authentication, Code Signing, Secure Email, Encrypting File System, Document Signing, Server Authentication, Time Stamping
Certinomis - Autorité RacineCertinomis - Autorité Racine17/09/2028 09:28:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Certinomis - Root CACertinomis - Root CA21/10/2033 10:17:18Server Authentication, Client Authentication, Secure Email, Time Stamping
Certipost E-Trust Primary Normalised CACertipost E-Trust Primary Normalised CA26/07/2020 11:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Document Signing
Certipost E-Trust Primary Qualified CACertipost E-Trust Primary Qualified CA26/07/2020 11:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Document Signing
Certipost E-Trust TOP Root CACertipost E-Trust TOP Root CA26/07/2025 11:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Document Signing
Certplus Root CA G1Certplus Root CA G115/01/2038 00:00:00Server Authentication, Code Signing, Secure Email, Client Authentication, Document Signing, Encrypting File System, Time Stamping
Certplus Root CA G2Certplus Root CA G215/01/2038 00:00:00Server Authentication, Code Signing, Secure Email, Client Authentication, Document Signing, Encrypting File System, Time Stamping
certSIGN ROOT CAcertSIGN ROOT CA04/07/2031 18:20:04Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
certSIGN ROOT CA G2certSIGN ROOT CA G206/02/2042 09:27:35Server Authentication, Client Authentication, Secure Email, Document Signing
Certum CACertum CA11/06/2027 11:46:39Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
Certum Trusted Network CACertum Trusted Network CA31/12/2029 12:07:37Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Certum Trusted Network CA 2Certum Trusted Network CA 206/10/2046 09:39:56Server Authentication, Client Authentication, Secure Email, Code Signing
CFCA EV ROOTCFCA EV ROOT31/12/2029 03:07:01Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user, OCSP Signing
CFCA GT CACFCA GT CA09/06/2026 09:15:09Server Authentication, Client Authentication, Secure Email, Time Stamping, IP security tunnel termination, IP security user, Encrypting File System, OCSP Signing, Code Signing
CFCA Identity CACFCA Identity CA30/06/2040 02:21:12Document Signing
Chambers of Commerce RootChambers of Commerce Root30/09/2037 17:13:44Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Chambers of Commerce Root - 2008Chambers of Commerce Root - 200831/07/2038 13:29:50Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
CHAMBERS OF COMMERCE ROOT - 2016CHAMBERS OF COMMERCE ROOT - 201608/04/2040 08:35:48Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
China Internet Network Information Center EV Certificates RootChina Internet Network Information Center EV Certificates Root31/08/2030 08:11:25Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Cisco Root CA 2048Cisco Root CA 204814/05/2029 21:25:42Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security IKE intermediate, IP security tunnel termination, IP security user, IP security end system
Cisco RXC-R2Cisco RXC-R209/07/2034 22:46:56Server Authentication, Client Authentication
CISRCA1CISRCA116/10/2032 19:28:33Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
Class 1 Primary CAClass 1 Primary CA07/07/2020 00:59:59Server Authentication, Client Authentication, Secure Email, Code Signing
Class 2 Primary CAClass 2 Primary CA07/07/2019 00:59:59Secure Email, Server Authentication, Client Authentication, Time Stamping
Class 3 Primary CAClass 3 Primary CA07/07/2019 00:59:59Secure Email, Server Authentication, Time Stamping
Class 3 Public Primary Certification AuthorityClass 3 Public Primary Certification Authority02/08/2028 00:59:59Server Authentication, Client Authentication, Secure Email, Code Signing
Class 3P Primary CAClass 3P Primary CA07/07/2019 00:59:59Secure Email, Server Authentication, Time Stamping
Class 3TS Primary CAClass 3TS Primary CA07/07/2019 00:59:59Secure Email, Server Authentication, Time Stamping
CNNIC ROOTCNNIC ROOT16/04/2027 08:09:14Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Common PolicyCommon Policy15/10/2027 17:08:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
COMODO Certification AuthorityCOMODO Certification Authority31/12/2030 23:59:59Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
COMODO ECC Certification AuthorityCOMODO ECC Certification Authority18/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
COMODO RSA Certification AuthorityCOMODO RSA Certification Authority18/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
ComSign Advanced Security CAComSign Advanced Security CA24/03/2029 21:55:55Server Authentication, Client Authentication, Secure Email, Code Signing
ComSign CAComSign CA19/03/2029 15:02:18Server Authentication, Client Authentication, Secure Email, Code Signing
ComSign Global Root CAComSign Global Root CA16/07/2036 11:24:55Server Authentication, Client Authentication, Secure Email, Time Stamping, OCSP Signing
ComSign Secured CAComSign Secured CA16/03/2029 15:04:56Server Authentication, Client Authentication, Secure Email, Code Signing
Correo Uruguayo - Root CACorreo Uruguayo - Root CA31/12/2030 02:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Cybertrust Global RootCybertrust Global Root15/12/2021 08:00:00Server Authentication, Client Authentication, Code Signing, Time Stamping, Secure Email
Deutsche Telekom Root CA 2Deutsche Telekom Root CA 210/07/2019 00:59:00Secure Email, Server Authentication, Client Authentication
DigiCert Assured ID Root CADigiCert Assured ID Root CA10/11/2031 00:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
DigiCert Assured ID Root G2DigiCert Assured ID Root G215/01/2038 12:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
DigiCert Assured ID Root G3DigiCert Assured ID Root G315/01/2038 12:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
DigiCert Global Root CADigiCert Global Root CA10/11/2031 00:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
DigiCert Global Root G2DigiCert Global Root G215/01/2038 12:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
DigiCert Global Root G3DigiCert Global Root G315/01/2038 12:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
DigiCert High Assurance EV Root CADigiCert High Assurance EV Root CA10/11/2031 00:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
DigiCert Trusted Root G4DigiCert Trusted Root G415/01/2038 12:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Digidentity L3 Root CA - G2Digidentity L3 Root CA - G210/11/2031 10:44:19Server Authentication, Client Authentication, Secure Email, Time Stamping, Code Signing, OCSP Signing
DST Root CA X3DST Root CA X330/09/2021 15:01:15Secure Email, Server Authentication, Client Authentication, Time Stamping, Encrypting File System, Document Signing
D-TRUST Root CA 3 2013D-TRUST Root CA 3 201320/09/2028 09:25:51Client Authentication, Secure Email
D-TRUST Root Class 2 CA 2007D-TRUST Root Class 2 CA 200716/05/2022 06:20:47Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
D-TRUST Root Class 3 CA 2 2009D-TRUST Root Class 3 CA 2 200905/11/2029 08:35:58Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
D-TRUST Root Class 3 CA 2 EV 2009D-TRUST Root Class 3 CA 2 EV 200905/11/2029 08:50:46Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
D-TRUST Root Class 3 CA 2007D-TRUST Root Class 3 CA 200716/05/2022 06:20:47Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
EC-ACCEC-ACC07/01/2031 22:59:59Server Authentication, OCSP Signing, Client Authentication, Secure Email, Code Signing, Time Stamping
Echoworx Root CA2Echoworx Root CA207/10/2030 11:49:13Client Authentication, Secure Email, Document Signing
ECRaizEstadoECRaizEstado23/06/2030 14:41:27Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
EE Certification Centre Root CAEE Certification Centre Root CA17/12/2030 23:59:59Time Stamping, Secure Email, Code Signing, Server Authentication, Client Authentication
E-ME SSI (RCA)E-ME SSI (RCA)19/05/2027 09:48:15Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
emSign ECC Root CA - C3emSign ECC Root CA - C318/02/2043 18:30:00Time Stamping, Document Signing, Server Authentication, Client Authentication, Secure Email, Code Signing
emSign ECC Root CA - G3emSign ECC Root CA - G318/02/2043 18:30:00Time Stamping, Document Signing, Server Authentication, Client Authentication, Secure Email, Code Signing
emSign Root CA - C1emSign Root CA - C118/02/2043 18:30:00Document Signing, Server Authentication, Client Authentication, Secure Email
emSign Root CA - C2emSign Root CA - C218/02/2043 18:30:00Time Stamping, Code Signing
emSign Root CA - G1emSign Root CA - G118/02/2043 18:30:00Document Signing, Server Authentication, Client Authentication, Secure Email
emSign Root CA - G2emSign Root CA - G218/02/2043 18:30:00Time Stamping, Code Signing
Entrust Root Certification AuthorityEntrust Root Certification Authority27/11/2026 20:53:42Server Authentication, Client Authentication, Code Signing, Secure Email, IP security tunnel termination, IP security user, IP security IKE intermediate, Time Stamping, Encrypting File System
Entrust Root Certification Authority - EC1Entrust Root Certification Authority - EC118/12/2037 15:55:36Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Entrust Root Certification Authority - G2Entrust Root Certification Authority - G207/12/2030 17:55:54Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Entrust Root Certification Authority - G4Entrust Root Certification Authority - G427/12/2037 11:41:16Time Stamping, Document Signing, Server Authentication, OCSP Signing, Client Authentication, Secure Email, Code Signing
Entrust.net Certification Authority (2048)Entrust.net Certification Authority (2048)24/07/2029 15:15:12Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
ePKI EV SSL Certification Authority - G1ePKI Root Certification Authority - G204/02/2030 03:06:31Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
ePKI Root Certification AuthorityePKI Root Certification Authority20/12/2034 02:31:27Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, OCSP Signing, Encrypting File System, IP security tunnel termination, IP security user, IP security IKE intermediate
ePKI Root Certification Authority - G2ePKI Root Certification Authority - G231/12/2037 15:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
Equifax Secure Global eBusiness CA-1Equifax Secure Global eBusiness CA-121/06/2020 05:00:00Secure Email, Server Authentication, Code Signing
esignit.orgesignit.org20/06/2030 19:47:46Client Authentication, Document Signing
E-Tugra Certification AuthorityE-Tugra Certification Authority03/03/2023 12:09:48Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Federal Common Policy CAFederal Common Policy CA01/12/2030 16:45:27Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user, OCSP Signing
Fina Root CAFina Root CA24/11/2035 19:37:30Time Stamping, Server Authentication, Client Authentication, Secure Email
Főtanúsítványkiadó - Kormányzati Hitelesítés SzolgáltatóFőtanúsítványkiadó - Kormányzati Hitelesítés Szolgáltató13/09/2033 11:27:04Server Authentication, Client Authentication, Secure Email, Time Stamping, Encrypting File System, Document Signing
GDCA TrustAUTH R5 ROOTGDCA TrustAUTH R5 ROOT31/12/2040 15:59:59Server Authentication, Client Authentication, Code Signing, Time Stamping, Secure Email, Document Signing, Encrypting File System
GeoTrust Global CAGeoTrust Global CA21/05/2022 05:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
GeoTrust Primary Certification AuthorityGeoTrust Primary Certification Authority17/07/2036 00:59:59Server Authentication, Client Authentication, Secure Email, Code Signing
GeoTrust Primary Certification Authority - G2GeoTrust Primary Certification Authority - G218/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
GeoTrust Primary Certification Authority - G3GeoTrust Primary Certification Authority - G301/12/2037 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
GeoTrust Universal CAGeoTrust Universal CA04/03/2029 05:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
GeoTrust Universal CA 2GeoTrust Universal CA 204/03/2029 05:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Global Chambersign RootGlobal Chambersign Root30/09/2037 17:14:18Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Global Chambersign Root - 2008Global Chambersign Root - 200831/07/2038 13:31:40Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
GLOBAL CHAMBERSIGN ROOT - 2016GLOBAL CHAMBERSIGN ROOT - 201608/04/2040 08:50:06Server Authentication, Client Authentication, Secure Email
GlobalSignGlobalSign19/01/2038 03:14:07Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
GlobalSignGlobalSign19/01/2038 03:14:07Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
GlobalSignGlobalSign15/12/2021 08:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, OCSP Signing, Encrypting File System, IP security tunnel termination, IP security user, IP security IKE intermediate
GlobalSignGlobalSign10/12/2034 00:00:00Code Signing, Time Stamping, Client Authentication, Secure Email, Encrypting File System, Document Signing, Server Authentication, OCSP Signing
GlobalSignGlobalSign18/03/2029 10:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
GlobalSign Root CAGlobalSign Root CA28/01/2028 12:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, OCSP Signing, Encrypting File System, IP security tunnel termination, IP security user, IP security IKE intermediate
GLOBALTRUSTGLOBALTRUST18/09/2036 15:12:35Server Authentication, Client Authentication, Code Signing, Secure Email, IP security tunnel termination, IP security user, IP security IKE intermediate, Time Stamping, Encrypting File System, Document Signing, OCSP Signing
GLOBALTRUST 2015GLOBALTRUST 201510/06/2040 01:00:00Time Stamping, Document Signing, Server Authentication, Client Authentication, Secure Email, Code Signing
Go Daddy Class 2 Certification AuthorityGo Daddy Class 2 Certification Authority29/06/2034 18:06:20Server Authentication, Client Authentication, Secure Email, Code Signing
Go Daddy Root Certificate Authority - G2Go Daddy Root Certificate Authority - G231/12/2037 23:59:59Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Government Root Certification AuthorityGovernment Root Certification Authority31/12/2037 15:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Government Root Certification AuthorityGovernment Root Certification Authority05/12/2032 13:23:33Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
GPKIRootCA1GPKIRootCA103/08/2031 07:52:30Server Authentication, Client Authentication, Secure Email
GTS Root R1GTS Root R122/06/2036 01:00:00Server Authentication, Client Authentication, Secure Email, Time Stamping
GTS Root R2GTS Root R222/06/2036 01:00:00Server Authentication, Client Authentication, Secure Email, Time Stamping
GTS Root R3GTS Root R322/06/2036 01:00:00Server Authentication, Client Authentication, Secure Email, Time Stamping
GTS Root R4GTS Root R422/06/2036 01:00:00Server Authentication, Client Authentication, Secure Email, Time Stamping
Halcom CA FOHalcom CA FO05/06/2020 11:33:31Server Authentication, Client Authentication, Code Signing, Secure Email, IP security tunnel termination, IP security user, IP security IKE intermediate, Time Stamping, Encrypting File System, Document Signing, OCSP Signing
Halcom Root CAHalcom Root CA08/02/2032 09:55:41Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, IP security tunnel termination, IP security user
Halcom Root Certificate AuthorityHalcom Root Certificate Authority10/06/2036 08:07:50Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
Hellenic Academic and Research Institutions ECC RootCA 2015Hellenic Academic and Research Institutions ECC RootCA 201530/06/2040 11:37:12Server Authentication, Client Authentication, Secure Email, Code Signing
Hellenic Academic and Research Institutions RootCA 2011Hellenic Academic and Research Institutions RootCA 201101/12/2031 13:49:52Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Document Signing
Hellenic Academic and Research Institutions RootCA 2015Hellenic Academic and Research Institutions RootCA 201530/06/2040 11:11:21Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Document Signing
Hongkong Post Root CA 1Hongkong Post Root CA 115/05/2023 05:52:29Server Authentication, Client Authentication, Secure Email, Time Stamping, OCSP Signing
Hongkong Post Root CA 2Hongkong Post Root CA 205/09/2040 03:34:36Document Signing, Client Authentication, Secure Email
Hongkong Post Root CA 3Hongkong Post Root CA 303/06/2042 03:29:46Server Authentication, OCSP Signing, Client Authentication
Hotspot 2.0 Trust Root CA - 03Hotspot 2.0 Trust Root CA - 0308/12/2043 12:00:00Server Authentication, Client Authentication, Secure Email
I.CA - Qualified Certification Authority, 09/2009I.CA - Qualified Certification Authority, 09/200901/09/2019 01:00:00Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
I.CA - Standard Certification Authority, 09/2009I.CA - Standard Certification Authority, 09/200901/09/2019 01:00:00Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
I.CA Root CA/RSAI.CA Root CA/RSA27/05/2040 13:20:00Server Authentication, Client Authentication, Code Signing, Time Stamping, Secure Email, Document Signing
IdenTrust Commercial Root CA 1IdenTrust Commercial Root CA 116/01/2034 18:12:23Server Authentication, Secure Email, Client Authentication, Time Stamping, Encrypting File System, Document Signing
IdenTrust Public Sector Root CA 1IdenTrust Public Sector Root CA 116/01/2034 17:53:32Server Authentication, Secure Email, Client Authentication, Time Stamping, Encrypting File System, Document Signing
IGC/AIGC/A17/10/2020 15:29:22Server Authentication, Client Authentication, Code Signing, Secure Email, IP security tunnel termination, IP security user, IP security IKE intermediate, Time Stamping, Encrypting File System, Document Signing, OCSP Signing
IGC/A AC racine Etat francaisIGC/A AC racine Etat francais15/04/2028 10:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, IP security tunnel termination, IP security user, IP security IKE intermediate, Time Stamping, Encrypting File System, Document Signing, OCSP Signing
ISRG Root X1ISRG Root X104/06/2035 12:04:38Server Authentication
Izenpe.comIzenpe.com13/12/2037 08:27:25Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing, IP security tunnel termination, IP security user, IP security IKE intermediate
KEYNECTIS ROOT CAKEYNECTIS ROOT CA26/05/2020 01:00:00Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
KISA RootCA 1KISA RootCA 124/08/2025 09:05:46Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
LAWtrust Root Certification Authority 2048LAWtrust Root Certification Authority 204816/05/2032 17:10:18Client Authentication, Secure Email
LuxTrust Global RootLuxTrust Global Root17/03/2021 09:51:37Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
LuxTrust Global Root 2LuxTrust Global Root 205/03/2035 13:21:57Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Macao Post eSignTrust Root Certification Authority (G02)Macao Post eSignTrust Root Certification Authority (G02)05/01/2020 23:59:59Client Authentication, Secure Email, Time Stamping, IP security tunnel termination, IP security user, Encrypting File System, Code Signing
Microsec e-Szigno Root CA 2009Microsec e-Szigno Root CA 200930/12/2029 11:30:18Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Microsoft ECC Product Root Certificate Authority 2018Microsoft ECC Product Root Certificate Authority 201827/02/2043 20:50:46<All>
Microsoft ECC Root Certificate Authority 2017Microsoft ECC Root Certificate Authority 201726/07/2042 23:31:47Server Authentication, Client Authentication
Microsoft ECC TS Root Certificate Authority 2018Microsoft ECC TS Root Certificate Authority 201827/02/2043 21:00:12<All>
Microsoft EV ECC Root Certificate Authority 2017Microsoft EV ECC Root Certificate Authority 201726/07/2042 23:05:36Server Authentication, Client Authentication
Microsoft EV RSA Root Certificate Authority 2017Microsoft EV RSA Root Certificate Authority 201726/07/2042 22:47:58Server Authentication, Client Authentication
Microsoft Root AuthorityMicrosoft Root Authority31/12/2020 07:00:00<All>
Microsoft Root Certificate AuthorityMicrosoft Root Certificate Authority10/05/2021 00:28:13<All>
Microsoft Root Certificate Authority 2010Microsoft Root Certificate Authority 201023/06/2035 23:04:01<All>
Microsoft Root Certificate Authority 2011Microsoft Root Certificate Authority 201122/03/2036 22:13:04<All>
Microsoft RSA Root Certificate Authority 2017Microsoft RSA Root Certificate Authority 201726/07/2042 23:15:47Server Authentication, Client Authentication
Microsoft Time Stamp Root Certificate Authority 2014Microsoft Time Stamp Root Certificate Authority 201422/10/2039 23:15:19Time Stamping
MULTICERT Root Certification Authority 01MULTICERT Root Certification Authority 0104/04/2039 09:59:47Server Authentication, Client Authentication, Code Signing, Time Stamping, Secure Email, Document Signing, Encrypting File System
NAVER Global Root Certification AuthorityNAVER Global Root Certification Authority19/08/2037 00:59:59Document Signing, Server Authentication, Client Authentication, Secure Email
NetLock Arany (Class Gold) FőtanúsítványNetLock Arany (Class Gold) Főtanúsítvány06/12/2028 15:08:21Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
NetLock Minositett Kozjegyzoi (Class QA) TanusitvanykiadoNetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado15/12/2022 01:47:11Client Authentication, Secure Email, Code Signing, Time Stamping, Document Signing
NetLock Platina (Class Platinum) FőtanúsítványNetLock Platina (Class Platinum) Főtanúsítvány06/12/2028 15:12:44Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Netrust CA1Netrust CA130/03/2021 03:57:45Secure Email, OCSP Signing, IP security tunnel termination, IP security user, IP security IKE intermediate
Netrust Root CA 2Netrust Root CA 201/09/2041 09:55:17Server Authentication, Client Authentication, Secure Email, Time Stamping, IP security IKE intermediate, IP security tunnel termination, IP security user, OCSP Signing
Network Solutions Certificate AuthorityNetwork Solutions Certificate Authority31/12/2030 23:59:59Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
Network Solutions ECC Certificate AuthorityNetwork Solutions ECC Certificate Authority18/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Network Solutions RSA Certificate AuthorityNetwork Solutions RSA Certificate Authority18/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Notarius Root Certificate AuthorityNotarius Root Certificate Authority17/12/2034 16:00:51Client Authentication, Secure Email, Document Signing
OATI WebCARES Root CAOATI WebCARES Root CA03/06/2038 20:36:00Server Authentication, Client Authentication, Secure Email
OISTE WISeKey Global Root GA CAOISTE WISeKey Global Root GA CA11/12/2037 16:09:51Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
OISTE WISeKey Global Root GB CAOISTE WISeKey Global Root GB CA01/12/2039 15:10:31Server Authentication, Client Authentication, Code Signing, Time Stamping, Secure Email
OISTE WISeKey Global Root GC CAOISTE WISeKey Global Root GC CA09/05/2042 10:58:33Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
OpenTrust Root CA G1OpenTrust Root CA G115/01/2038 00:00:00Server Authentication, Code Signing, Secure Email, Client Authentication, Document Signing, Encrypting File System, Time Stamping
OpenTrust Root CA G2OpenTrust Root CA G215/01/2038 00:00:00Server Authentication, Code Signing, Secure Email, Client Authentication, Document Signing, Encrypting File System, Time Stamping
OpenTrust Root CA G3OpenTrust Root CA G315/01/2038 00:00:00Server Authentication, Code Signing, Secure Email, Client Authentication, Document Signing, Encrypting File System, Time Stamping
PersonalID Trustworthy RootCA 2011PersonalID Trustworthy RootCA 201101/09/2041 09:45:16Server Authentication, Client Authentication, OCSP Signing, Time Stamping, Code Signing
PosDigicert Class 2 Root CA G2PosDigicert Class 2 Root CA G217/10/2036 04:02:09Time Stamping, Server Authentication, Client Authentication
Posta CA RootPosta CA Root20/10/2028 13:52:08Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System
POSTArCAPOSTArCA07/02/2023 11:06:58Server Authentication, Client Authentication, Secure Email, Time Stamping, Encrypting File System
PostSignum Root QCA 2PostSignum Root QCA 219/01/2025 08:04:31Server Authentication, Client Authentication, Secure Email, Time Stamping
PostSignum Root QCA 4PostSignum Root QCA 426/07/2038 10:56:08Time Stamping, Document Signing, Server Authentication, OCSP Signing, Client Authentication, Secure Email
QuoVadis Root CA 1 G3QuoVadis Root CA 1 G312/01/2042 17:27:44Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
QuoVadis Root CA 2QuoVadis Root CA 224/11/2031 18:23:33Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
QuoVadis Root CA 2 G3QuoVadis Root CA 2 G312/01/2042 18:59:32Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
QuoVadis Root CA 3QuoVadis Root CA 324/11/2031 19:06:44Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
QuoVadis Root CA 3 G3QuoVadis Root CA 3 G312/01/2042 20:26:32Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
QuoVadis Root Certification AuthorityQuoVadis Root Certification Authority17/03/2021 18:33:33Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
RCSC RootCARCSC RootCA23/05/2044 09:36:51Document Signing, Server Authentication, Client Authentication
Registradores de España - CA RaízRegistradores de España - CA Raíz09/01/2031 17:00:39Server Authentication, Client Authentication, Secure Email
Root CA Generalitat ValencianaRoot CA Generalitat Valenciana01/07/2021 16:22:47Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
SAPO Class 2 Root CASAPO Class 2 Root CA14/09/2030 01:00:00Client Authentication, Secure Email, Code Signing, Time Stamping
SAPO Class 3 Root CASAPO Class 3 Root CA14/09/2030 01:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, IP security tunnel termination, IP security user
SAPO Class 4 Root CASAPO Class 4 Root CA14/09/2030 01:00:00Client Authentication, Secure Email, Code Signing, Time Stamping
Saudi National Root CASaudi National Root CA29/11/2029 07:25:20Server Authentication, Client Authentication, Secure Email, Time Stamping
Secure Global CASecure Global CA31/12/2029 19:52:06Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
SecureSign RootCA1SecureSign RootCA115/09/2020 15:59:59Secure Email, Server Authentication
SecureSign RootCA11SecureSign RootCA1108/04/2029 05:56:47Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
SecureSign RootCA2SecureSign RootCA215/09/2020 15:59:59Secure Email, Server Authentication
SecureSign RootCA3SecureSign RootCA315/09/2020 15:59:59Secure Email, Server Authentication
SecureTrust CASecureTrust CA31/12/2029 19:40:55Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Security Communication ECC RootCA1Security Communication ECC RootCA118/01/2038 05:15:28Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
Security Communication EV RootCA1Security Communication EV RootCA106/06/2037 03:12:32Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
Security Communication RootCA1Security Communication RootCA130/09/2023 05:20:49Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
Security Communication RootCA2Security Communication RootCA229/05/2029 06:00:39Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Security Communication RootCA3Security Communication RootCA318/01/2038 06:17:16Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
sigen-casigen-ca29/06/2021 22:57:46Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, Document Signing, OCSP Signing
Signet Root CASignet Root CA06/05/2038 12:38:04Server Authentication, Client Authentication, Secure Email, Time Stamping
sigov-casigov-ca10/01/2021 14:22:52Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, Document Signing, OCSP Signing
SITHS Root CA v1SITHS Root CA v129/03/2032 08:54:49Server Authentication, Client Authentication, Secure Email, Time Stamping, IP security tunnel termination, IP security user, Encrypting File System, Code Signing
SI-TRUST RootSI-TRUST Root25/12/2037 08:08:17Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing, OCSP Signing, Server Authentication
Sonera Class2 CASonera Class2 CA06/04/2021 08:29:40Server Authentication, Client Authentication, Secure Email, Code Signing
SSC GDL CA Root ASSC GDL CA Root A04/06/2033 14:00:47Client Authentication, Secure Email, Code Signing, Document Signing
SSC GDL CA Root BSSC GDL CA Root B04/06/2033 15:21:55Server Authentication, Client Authentication, Code Signing, Time Stamping
SSC GDL CA VS RootSSC GDL CA VS Root04/06/2033 16:28:36Client Authentication, Secure Email, Document Signing
SSC Root CA ASSC Root CA A28/12/2026 12:05:04Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
SSC Root CA BSSC Root CA B25/12/2026 12:08:26Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
SSC Root CA CSSC Root CA C22/12/2026 12:11:30Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping
SSL.com EV Root Certification Authority ECCSSL.com EV Root Certification Authority ECC12/02/2041 18:15:23Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
SSL.com EV Root Certification Authority RSASSL.com EV Root Certification Authority RSA12/02/2041 17:50:48Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
SSL.com EV Root Certification Authority RSA R2SSL.com EV Root Certification Authority RSA R230/05/2042 19:14:37Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
SSL.com Root Certification Authority ECCSSL.com Root Certification Authority ECC12/02/2041 18:14:03Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
SSL.com Root Certification Authority RSASSL.com Root Certification Authority RSA12/02/2041 17:39:39Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
Staat der Nederlanden EV Root CAStaat der Nederlanden EV Root CA08/12/2022 11:10:28Server Authentication, Client Authentication
Staat der Nederlanden Root CA - G2Staat der Nederlanden Root CA - G225/03/2020 11:03:10Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Staat der Nederlanden Root CA - G3Staat der Nederlanden Root CA - G313/11/2028 23:00:00Server Authentication, Client Authentication, Secure Email, Document Signing, IP security tunnel termination, IP security user
Starfield Class 2 Certification AuthorityStarfield Class 2 Certification Authority29/06/2034 18:39:16Server Authentication, Client Authentication, Secure Email, Code Signing
Starfield Root Certificate Authority - G2Starfield Root Certificate Authority - G231/12/2037 23:59:59Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Starfield Services Root Certificate AuthorityStarfield Services Root Certificate Authority31/12/2029 23:59:59Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, OCSP Signing, Encrypting File System, IP security tunnel termination, IP security user, IP security IKE intermediate
Starfield Services Root Certificate Authority - G2Starfield Services Root Certificate Authority - G231/12/2037 23:59:59Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
StartCom Certification AuthorityStartCom Certification Authority17/09/2036 20:46:36Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
StartCom Certification Authority G2StartCom Certification Authority G231/12/2039 23:59:01Server Authentication, Client Authentication, Secure Email, Code Signing
S-TRUST Authentication and Encryption Root CA 2005:PNS-TRUST Authentication and Encryption Root CA 2005:PN22/06/2030 00:59:59Client Authentication, Code Signing, Secure Email, IP security tunnel termination, IP security user, IP security IKE intermediate, Time Stamping, Encrypting File System
S-TRUST Universal Root CAS-TRUST Universal Root CA22/10/2038 00:59:59Server Authentication, Client Authentication, Secure Email, Document Signing, Time Stamping
Swedish Government Root Authority v2Swedish Government Root Authority v205/05/2040 12:24:19Time Stamping, Code Signing, Document Signing, Secure Email, Client Authentication, Server Authentication
Swedish Government Root Authority v3Swedish Government Root Authority v329/09/2040 12:42:09Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, Document Signing
Swiss Government Root CA ISwiss Government Root CA I15/02/2035 08:59:59Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Swiss Government Root CA IISwiss Government Root CA II16/02/2035 08:59:59Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Swiss Government Root CA IIISwiss Government Root CA III15/04/2041 07:59:59Server Authentication, Client Authentication, Code Signing
Swisscom Root CA 1Swisscom Root CA 118/08/2025 23:06:20Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
Swisscom Root CA 2Swisscom Root CA 225/06/2031 08:38:14Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, OCSP Signing
Swisscom Root EV CA 2Swisscom Root EV CA 225/06/2031 09:45:08Server Authentication, Client Authentication, Code Signing, Time Stamping
SwissSign Gold CA - G2SwissSign Gold CA - G225/10/2036 09:30:35Server Authentication, Client Authentication, Secure Email, Code Signing
SwissSign Gold Root CA - G3SwissSign Gold Root CA - G304/08/2037 14:31:47Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
SwissSign Platinum CA - G2SwissSign Platinum CA - G225/10/2036 09:36:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
SwissSign Platinum Root CA - G3SwissSign Platinum Root CA - G304/08/2037 14:34:04Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
SwissSign Silver CA - G2SwissSign Silver CA - G225/10/2036 09:32:46Server Authentication, Client Authentication, Secure Email, Code Signing
SwissSign Silver Root CA - G3SwissSign Silver Root CA - G304/08/2037 14:19:14Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
Symantec Class 1 Public Primary Certification Authority - G4Symantec Class 1 Public Primary Certification Authority - G418/01/2038 23:59:59Client Authentication, Secure Email
Symantec Class 1 Public Primary Certification Authority - G6Symantec Class 1 Public Primary Certification Authority - G601/12/2037 23:59:59Secure Email, Client Authentication
Symantec Class 2 Public Primary Certification Authority - G4Symantec Class 2 Public Primary Certification Authority - G418/01/2038 23:59:59Client Authentication, Secure Email
Symantec Class 2 Public Primary Certification Authority - G6Symantec Class 2 Public Primary Certification Authority - G601/12/2037 23:59:59Secure Email, Client Authentication
Symantec Class 3 Public Primary Certification Authority - G4Symantec Class 3 Public Primary Certification Authority - G401/12/2037 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Symantec Class 3 Public Primary Certification Authority - G6Symantec Class 3 Public Primary Certification Authority - G601/12/2037 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Symantec Enterprise Mobile Root for MicrosoftSymantec Enterprise Mobile Root for Microsoft14/03/2032 23:59:59Code Signing
SZAFIR ROOT CASZAFIR ROOT CA06/12/2031 11:10:57Server Authentication, Client Authentication, Secure Email, Time Stamping
SZAFIR ROOT CA2SZAFIR ROOT CA219/10/2035 08:43:30Server Authentication, Client Authentication, Secure Email
TC TrustCenter Class 3 CA IITC TrustCenter Class 3 CA II31/12/2025 22:59:59Client Authentication, Secure Email, Time Stamping
TeliaSonera Root CA v1TeliaSonera Root CA v118/10/2032 13:00:50Server Authentication, Client Authentication, Secure Email, Time Stamping, Code Signing
Thailand National Root Certification Authority - G1Thailand National Root Certification Authority - G127/03/2036 10:10:22Code Signing, Secure Email, Client Authentication, Document Signing, Encrypting File System, Server Authentication, Time Stamping
Thawte Premium Server CAThawte Premium Server CA31/12/2020 23:59:59Server Authentication, Code Signing
thawte Primary Root CAthawte Primary Root CA17/07/2036 00:59:59Server Authentication, Client Authentication, Secure Email, Code Signing
thawte Primary Root CA - G2thawte Primary Root CA - G218/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
thawte Primary Root CA - G3thawte Primary Root CA - G301/12/2037 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Thawte Server CAThawte Server CA31/12/2020 23:59:59Server Authentication, Code Signing
Thawte Timestamping CAThawte Timestamping CA31/12/2020 23:59:59Time Stamping
TM Applied Business Root CertificateTM Applied Business Root Certificate10/10/2031 07:53:39Server Authentication, Client Authentication, Secure Email, Time Stamping
TRUST2408 OCES Primary CATRUST2408 OCES Primary CA03/12/2037 13:11:34Client Authentication, Secure Email, Encrypting File System, IP security tunnel termination, IP security user
TrustCor ECA-1TrustCor ECA-131/12/2029 17:28:07Client Authentication, Secure Email, Server Authentication
TrustCor RootCert CA-1TrustCor RootCert CA-131/12/2029 17:23:16Client Authentication, Secure Email, Server Authentication
TrustCor RootCert CA-2TrustCor RootCert CA-231/12/2034 17:26:39Client Authentication, Secure Email, Server Authentication
Trustis FPS Root CATrustis FPS Root CA21/01/2024 11:36:54Server Authentication, Client Authentication, Secure Email, IP security IKE intermediate, IP security tunnel termination, IP security user
Trustwave Global Certification AuthorityTrustwave Global Certification Authority23/08/2042 20:34:12Server Authentication, Client Authentication, Secure Email, Code Signing
Trustwave Global ECC P256 Certification AuthorityTrustwave Global ECC P256 Certification Authority23/08/2042 20:35:10Server Authentication, Client Authentication, Secure Email, Code Signing
Trustwave Global ECC P384 Certification AuthorityTrustwave Global ECC P384 Certification Authority23/08/2042 20:36:43Server Authentication, Client Authentication, Secure Email, Code Signing
T-TeleSec GlobalRoot Class 2T-TeleSec GlobalRoot Class 202/10/2033 00:59:59Server Authentication, Client Authentication, Secure Email
T-TeleSec GlobalRoot Class 3T-TeleSec GlobalRoot Class 302/10/2033 00:59:59Server Authentication, Client Authentication, Secure Email, OCSP Signing
TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 125/10/2043 08:25:55Server Authentication, Client Authentication
Tunisian Root Certificate Authority - TunRootCA2Tunisian Root Certificate Authority - TunRootCA205/05/2027 09:57:01Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Encrypting File System, Document Signing
TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H528/04/2023 09:07:01Server Authentication
TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H616/12/2023 09:04:10Server Authentication
TWCA Global Root CATWCA Global Root CA31/12/2030 15:59:59Server Authentication, Secure Email, Code Signing
TWCA Root Certification AuthorityTWCA Root Certification Authority31/12/2030 15:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
TWCA Root Certification AuthorityTWCA Root Certification Authority31/12/2030 15:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
UCA Extended Validation RootUCA Extended Validation Root31/12/2038 00:00:00Server Authentication, Client Authentication, Code Signing
UCA Global G2 RootUCA Global G2 Root31/12/2040 00:00:00Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Document Signing
UCA Global RootUCA Global Root31/12/2037 00:00:00Time Stamping, IP security user, IP security tunnel termination, Secure Email, Code Signing, Client Authentication, Server Authentication
UCA RootUCA Root31/12/2029 00:00:00Time Stamping, IP security user, IP security tunnel termination, Secure Email, Code Signing, Client Authentication, Server Authentication
USERTrust ECC Certification AuthorityUSERTrust ECC Certification Authority18/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
USERTrust RSA Certification AuthorityUSERTrust RSA Certification Authority18/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, Encrypting File System, IP security tunnel termination, IP security user
UTN-USERFirst-Client Authentication and EmailUTN-USERFirst-Client Authentication and Email09/07/2019 18:36:58Secure Email, Client Authentication
UTN-USERFirst-HardwareUTN-USERFirst-Hardware09/07/2019 19:19:22IP security user, IP security tunnel termination, Server Authentication
UTN-USERFirst-ObjectUTN-USERFirst-Object09/07/2019 19:40:36Encrypting File System, Time Stamping, Code Signing
VAS Latvijas Pasts SSI(RCA)VAS Latvijas Pasts SSI(RCA)13/09/2024 10:27:57Server Authentication, Client Authentication, Code Signing, Secure Email, Time Stamping, Document Signing
VeriSign Class 1 Public Primary Certification Authority - G3VeriSign Class 1 Public Primary Certification Authority - G317/07/2036 00:59:59Client Authentication, Secure Email
VeriSign Class 2 Public Primary Certification Authority - G3VeriSign Class 2 Public Primary Certification Authority - G317/07/2036 00:59:59Code Signing, Client Authentication, Secure Email
VeriSign Class 3 Public Primary Certification Authority - G3VeriSign Class 3 Public Primary Certification Authority - G317/07/2036 00:59:59Code Signing, Server Authentication, Client Authentication, Secure Email
VeriSign Class 3 Public Primary Certification Authority - G4VeriSign Class 3 Public Primary Certification Authority - G418/01/2038 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
VeriSign Class 3 Public Primary Certification Authority - G5VeriSign Class 3 Public Primary Certification Authority - G517/07/2036 00:59:59Server Authentication, Client Authentication, Secure Email, Code Signing
VeriSign Trust NetworkVeriSign Trust Network02/08/2028 00:59:59Secure Email, Client Authentication, Code Signing, Server Authentication
VeriSign Universal Root Certification AuthorityVeriSign Universal Root Certification Authority01/12/2037 23:59:59Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Verizon Global Root CAVerizon Global Root CA30/07/2034 15:27:04Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
VI Registru Centras RCSC (RootCA)VI Registru Centras RCSC (RootCA)21/07/2024 12:47:46Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping
Visa eCommerce RootVisa eCommerce Root24/06/2022 01:16:12Server Authentication, Client Authentication, Secure Email, OCSP Signing
Visa Information Delivery Root CAVisa Information Delivery Root CA29/06/2025 18:42:42Server Authentication, Client Authentication, Secure Email, OCSP Signing
VRK Gov. Root CAVRK Gov. Root CA18/12/2023 13:51:08Server Authentication, Client Authentication, Secure Email, Document Signing, Time Stamping
VRK Gov. Root CA - G2VRK Gov. Root CA - G213/12/2038 08:50:31Server Authentication, Client Authentication, Secure Email, Document Signing
XRamp Global Certification AuthorityXRamp Global Certification Authority01/01/2035 05:37:19Server Authentication, Client Authentication, Secure Email, Code Signing, Time Stamping, OCSP Signing
ZETES TSP ROOT CA 001ZETES TSP ROOT CA 00120/05/2036 14:23:38Time Stamping, Document Signing, OCSP Signing, Client Authentication, Secure Email

For additional information about individual settings, launch the Local Group Policy Object Editor.
User Configuration (Enabled)
No settings defined.
iSecUK Agent Certificates
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
iSecUK Agent Certificates
Data collected on: 23/04/2025 10:47:32
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created09/07/2019 10:42:06
Modified15/09/2020 23:01:12
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{076D997A-4A97-4C78-9079-2A63474994E2}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
UKNoEnabledbfl.local/Accounts Computer/Desktops/UK

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
ada19bba-02ac-4934-a7bb-84ec89f89feeST Root Authority20/05/2021 16:38:29Client Authentication, Server Authentication, 1.3.6.1.4.1.27623.10.2
ST Root AuthorityST Root Authority16/01/2028 14:45:381.3.6.1.4.1.27623.10.1, 1.3.6.1.4.1.27623.10.2, 1.3.6.1.4.1.27623.10.3, Server Authentication, Client Authentication

For additional information about individual settings, launch the Local Group Policy Object Editor.
User Configuration (Enabled)
No settings defined.
iSecUS Agent Certificates
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
iSecUS Agent Certificates
Data collected on: 23/04/2025 10:47:32
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created11/07/2019 16:38:08
Modified15/09/2020 23:01:20
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{AEA34395-A071-446C-B4B9-3CE1194AB07F}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
USNoEnabledbfl.local/Accounts Computer/Desktops/US

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
0be4aed1-81c9-4a6e-8c87-399cbd359779ST Root Authority11/06/2021 11:17:01Client Authentication, Server Authentication, 1.3.6.1.4.1.27623.10.2
ST Root AuthorityST Root Authority10/06/2029 16:45:571.3.6.1.4.1.27623.10.1, 1.3.6.1.4.1.27623.10.2, 1.3.6.1.4.1.27623.10.3, Server Authentication, Client Authentication

For additional information about individual settings, launch the Local Group Policy Object Editor.
User Configuration (Enabled)
No settings defined.
BFL Hybrid AD Join Block
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Hybrid AD Join Block
Data collected on: 23/04/2025 10:47:32
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created19/09/2019 12:04:28
Modified08/07/2021 12:05:08
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{794B5ACD-BBAD-4CD0-9031-D8836674F637}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Device Registration
PolicySettingComment
Register domain joined computers as devicesDisabled
Preferences
Windows Settings
Registry
BlockAADWorkplaceJoin (Order: 1)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin
Value nameBlockAADWorkplaceJoin
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
User Configuration (Disabled)
No settings defined.
CVAD-GL-Hybrid AD Join-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-Hybrid AD Join-CP
Data collected on: 23/04/2025 10:47:33
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created19/09/2019 12:12:08
Modified15/04/2024 13:16:24
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions19 (AD), 19 (SYSVOL)
Unique ID{BA6AAD83-2E1C-4AAB-91D8-35598CFE8E35}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
Office 365 ReplicatedNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD/Office 365 Replicated
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
Office 365 ReplicatedNoDisabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD/Office 365 Replicated
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Citrix.GPO.BlockCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Not configured
NameParameters
\\bfl.local\NETLOGON\WIN10\VDIJoin.bat
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Device Registration
PolicySettingComment
Register domain joined computers as devicesEnabled
Preferences
Windows Settings
Registry
BlockAADWorkplaceJoin (Order: 1)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin
Value nameBlockAADWorkplaceJoin
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
TenantId (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\CDJ\AAD
Value nameTenantId
Value typeREG_SZ
Value data9a50eba8-7568-447a-bcb9-27a0d464aa80
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
TenantName (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\CDJ\AAD
Value nameTenantName
Value typeREG_SZ
Value databeazley.com
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
Citrix VDA Server Computer Settings
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix VDA Server Computer Settings
Data collected on: 23/04/2025 10:47:33
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created13/11/2015 11:57:14
Modified15/09/2020 23:05:34
User Revisions25 (AD), 25 (SYSVOL)
Computer Revisions38 (AD), 38 (SYSVOL)
Unique ID{01A8F6EA-33C8-4BC8-948F-2B6AB98E915A}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
System Services
CcmExec (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVB File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Hash Rules
SCNotification.exe (5.0.7804.1000); SCNotification.exe; SCNotification; System Center Configuration Manager; Microsoft Corporation
Security LevelDisallowed
DescriptionTo prevent SCCM reboot notifications after server patching/updates.
Date last modified25/07/2013 16:34:05
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified25/07/2013 16:30:24
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified25/07/2013 16:30:24
C:\Windows\CCM\SCNotification.exe
Security LevelDisallowed
DescriptionTo prevent SCCM reboot notifications after server patching/updates.
Date last modified25/07/2013 16:34:31
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
System/User Profiles
PolicySettingComment
Delete cached copies of roaming profilesEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Licensing
PolicySettingComment
Set the Remote Desktop licensing modeEnabled
Specify the licensing mode for the RD Session Host server.Per User
PolicySettingComment
Use the specified Remote Desktop license serversEnabled
License servers to use:UKPRIM073.bfl.local
Separate license server names with commas.
Example: Server1,Server2.example.com,192.168.1.1
User Configuration (Disabled)
No settings defined.
UK CTX-UK Beazley Desktop ENG-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK CTX-UK Beazley Desktop ENG-CP
Data collected on: 23/04/2025 10:47:33
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created05/09/2018 11:00:28
Modified15/09/2020 23:07:22
User Revisions10 (AD), 10 (SYSVOL)
Computer Revisions10 (AD), 10 (SYSVOL)
Unique ID{A62235AE-BA64-4705-AC77-0D92E9167820}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
User Configuration (Disabled)
No settings defined.
CVAD-GL-FAS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-FAS
Data collected on: 23/04/2025 10:47:33
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/12/2019 11:39:22
Modified07/03/2023 12:26:34
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions7 (AD), 7 (SYSVOL)
Unique ID{25AE66C9-3D9D-4204-8D2F-1142DF884E88}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS
Cloud VDANoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11
Cloud VDANoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop ENG - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG - W11
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
EU Beazley HSD Desktop ENG - W22NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG - W22
EU Beazley HSD Desktop PRD - W22NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD - W22
Cloud VDANoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
Cloud VDANoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\Group Policy Creator OwnersEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Authentication
PolicySettingComment
Federated Authentication ServiceEnabled
List the installed servers in your environment.
DNS Addresses
UKPRCA158.bfl.local
UKPRCA159.bfl.local
USPRCA060.bfl.local
USPRCA061.bfl.local
USPRCA062.bfl.local
USPRCA063.bfl.local
IEPRCA010.bfl.local
IEPRCA011.bfl.local
UKPRCA160.bfl.local
eulonctxfas01.bfl.local
eulonctxfas02.bfl.local
eudubctxfas01.bfl.local
eudubctxfas02.bfl.local
ushawctxfas01.bfl.local
ushawctxfas02.bfl.local
usmarctxfas01.bfl.local
usmarctxfas02.bfl.local
User Configuration (Disabled)
No settings defined.
Citrix VDA Developer VDI Computer Settings
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Citrix VDA Developer VDI Computer Settings
Data collected on: 23/04/2025 10:47:33
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created06/03/2018 17:40:30
Modified15/09/2020 23:11:40
User Revisions11 (AD), 11 (SYSVOL)
Computer Revisions11 (AD), 11 (SYSVOL)
Unique ID{46400D0C-0645-442B-B99F-E4BAD985FC6F}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
System Services
CcmExec (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Update (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVB File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Hash Rules
SCNotification.exe (5.0.7804.1000); SCNotification.exe; SCNotification; System Center Configuration Manager; Microsoft Corporation
Security LevelDisallowed
DescriptionTo prevent SCCM reboot notifications after server patching/updates.
Date last modified25/07/2013 16:34:05
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified25/07/2013 16:30:24
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified25/07/2013 16:30:24
C:\Windows\CCM\SCNotification.exe
Security LevelDisallowed
DescriptionTo prevent SCCM reboot notifications after server patching/updates.
Date last modified25/07/2013 16:34:31
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V
PolicySettingComment
Enable App-V ClientDisabledDisabled because some applications are installed locally and this causes some confusion.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Enable Publishing Refresh UXEnabled
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh False
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 0
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Day
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://appvuk.bfl.local:8082
Reporting Time 12
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeDisabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsAll
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
System/Windows Time Service/Time Providers
PolicySettingComment
Configure Windows NTP ClientEnabled
NtpServerbfl.local,0x9
TypeNT5DS
CrossSiteSyncFlags2
ResolvePeerBackoffMinutes15
ResolvePeerBackoffMaxTimes7
SpecialPollInterval3600
EventLogFlags0
PolicySettingComment
Enable Windows NTP ClientEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesDisabled
Turn off Fair Share CPU SchedulingEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Licensing
PolicySettingComment
Set the Remote Desktop licensing modeEnabled
Specify the licensing mode for the RD Session Host server.Per User
PolicySettingComment
Use the specified Remote Desktop license serversEnabled
License servers to use:UKPRIM086.bfl.local
Separate license server names with commas.
Example: Server1,Server2.example.com,192.168.1.1
Windows Components/Windows Defender
PolicySettingComment
Turn off Windows DefenderEnabled
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog boxEnabled
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog boxEnabled
Preferences
Control Panel Settings
Services
Service (Name: CcmExec)
CcmExec (Order: 1)
General
Service nameCcmExec
ActionStop service
Startup type:Disabled
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
US CTXDEV-FAS (StorefrontUS)
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
US CTXDEV-FAS (StorefrontUS)
Data collected on: 23/04/2025 10:47:33
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/01/2020 14:14:42
Modified15/09/2020 23:12:00
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{12B2E050-53FC-4115-8113-7C7FB318AB46}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
S-1-5-21-58594938-1633628789-801526373-82500
S-1-5-21-58594938-1633628789-801526373-83418
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-82500Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-83418Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Authentication
PolicySettingComment
Federated Authentication ServiceEnabled
List the installed servers in your environment.
DNS Addresses
USDVCA030.bfl.local
USDVCA031.bfl.local
User Configuration (Disabled)
No settings defined.
UK CTXDEV-FAS (Storefront UK)
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK CTXDEV-FAS (Storefront UK)
Data collected on: 23/04/2025 10:47:33
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/01/2020 14:15:32
Modified15/09/2020 23:12:00
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{CC97BC37-E215-49D0-A79D-0172B200040A}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\UKDVCA075$
S-1-5-21-58594938-1633628789-801526373-111150
S-1-5-21-58594938-1633628789-801526373-86871
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\UKDVCA075$Read (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-111150Read (from Security Filtering)No
S-1-5-21-58594938-1633628789-801526373-86871Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Authentication
PolicySettingComment
Federated Authentication ServiceEnabled
List the installed servers in your environment.
DNS Addresses
UKDVCA075.bfl.local
IEDVCA001.bfl.local
User Configuration (Disabled)
No settings defined.
GBL CTXDEV-FAS (VDA Global)
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL CTXDEV-FAS (VDA Global)
Data collected on: 23/04/2025 10:47:33
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/01/2020 14:18:14
Modified15/09/2020 23:12:00
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{BE4979C9-9C61-4CA6-B900-93AA96EE9F01}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Authentication
PolicySettingComment
Federated Authentication ServiceEnabled
List the installed servers in your environment.
DNS Addresses
UKDVCA075.bfl.local
IEDVCA001.bfl.local
USDVCA030.bfl.local
USDVCA031.bfl.local
User Configuration (Disabled)
No settings defined.
UK CTX-GPU
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
UK CTX-GPU
Data collected on: 23/04/2025 10:47:34
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/03/2020 14:37:30
Modified15/09/2020 23:15:52
User Revisions6 (AD), 6 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{6624B6B3-E79C-4882-9328-6528A3DF79E4}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Use the hardware default graphics adapter for all Remote Desktop Services sessionsEnabled
User Configuration (Enabled)
No settings defined.
Trusted Sites Policy Prod 5.0
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Trusted Sites Policy Prod 5.0
Data collected on: 23/04/2025 10:47:34
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created24/02/2016 09:05:56
Modified15/09/2020 23:24:46
User Revisions7 (AD), 7 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{90C46F0E-D237-4E2B-8AA6-ED3FCEA95407}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
bflNoEnabledbfl.local
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Internet Explorer
PolicySettingComment
Let users turn on and use Enterprise Mode from the Tools menuEnabled
Type the location (URL) of where to receive reports about the websites for which users turn on and use Enterprise Mode
Windows Components/Internet Explorer/Internet Control Panel/Security Page
PolicySettingComment
Site to Zone Assignment ListEnabled
Enter the zone assignments here. 
http://snow.bfl.local3
http://myprofile-uat.beazley.com1
http://myprofile-sys.beazley.com1
http://myprofile.beazley.com1
http://lumesse.com/2
http://intranet-uat.beazley.com1
http://intranet-sys.beazley.com1
http://intranet.beazley.com1
http://imagegenerator-uat.beazley.com1
http://imagegenerator-sys.beazley.com1
http://imagegenerator-dev.beazley.com1
http://imagegenerator.beazley.com1
http://collaboration-uat.beazley.com1
http://collaboration-sys.beazley.com1
http://collaboration.beazley.com1
http://bic-uat.beazley.com/1
http://bic-sys.beazley.com/1
http://bic.beazley.com/1
http://bfl.local/1
http://beazleytrade.com/1
http://beazleypro.com/1
https://bfl.local/1
file://bfl.local1
https://sts.beazley.com1
https://beazley.sharepoint.com2
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsDisable
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingEnable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptPrompt
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesEnable
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsEnable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsEnable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsPrompt
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHEnable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Disable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsPrompt
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsHigh safety
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEPrompt
PolicySettingComment
Logon optionsEnabled
Logon optionsAutomatic logon only in Intranet zone
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsDisable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeEnable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeEnable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsEnable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingEnable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsEnable
PolicySettingComment
Show security warning for potentially unsafe filesEnabled
Launching programs and unsafe filesPrompt
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsMedium safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataEnable
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceEnable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsPrompt
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingEnable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptEnable
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesEnable
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsEnable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsEnable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsPrompt
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHEnable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsPrompt
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabled
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsMedium safety
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEPrompt
PolicySettingComment
Logon optionsEnabled
Logon optionsAutomatic logon only in Intranet zone
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsEnable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeEnable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeEnable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsEnable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingEnable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsEnable
PolicySettingComment
Show security warning for potentially unsafe filesEnabled
Launching programs and unsafe filesEnable
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsMedium safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataEnable
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceEnable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsDisable
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingDisable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptDisable
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesPrompt
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsDisable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsDisable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsDisable
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHDisable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Disable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsDisable
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabled
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsDisable Java
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEDisable
PolicySettingComment
Logon optionsEnabled
Logon optionsPrompt for user name and password
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsDisable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeDisable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeDisable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsDisable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingDisable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsDisable
PolicySettingComment
Show security warning for potentially unsafe filesEnabled
Launching programs and unsafe filesDisable
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsHigh safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataPrompt
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceDisable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsDisable
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingEnable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptPrompt
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesEnable
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsEnable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsEnable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsPrompt
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHEnable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Disable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsPrompt
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabled
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsHigh safety
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEPrompt
PolicySettingComment
Logon optionsEnabled
Logon optionsAutomatic logon only in Intranet zone
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsDisable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeEnable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeEnable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsEnable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingEnable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsEnable
PolicySettingComment
Show security warning for potentially unsafe filesEnabled
Launching programs and unsafe filesEnable
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsMedium safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataEnable
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceEnable
Preferences
Windows Settings
Registry
http://intranet.beazley.com/ (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathSoftware\Microsoft\Internet Explorer\Main
Value namehttp://intranet.beazley.com/
Value typeREG_SZ
Value dataDefault_Page_URL
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Start Page (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathSoftware\Microsoft\Internet Explorer\Main
Value nameStart Page
Value typeREG_SZ
Value datahttp://intranet.beazley.com
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CVAD-EU Beazley VDI Desktop ENG-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley VDI Desktop ENG-CP
Data collected on: 23/04/2025 10:47:34
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/07/2020 12:25:04
Modified08/11/2023 13:26:56
User Revisions35 (AD), 35 (SYSVOL)
Computer Revisions42 (AD), 42 (SYSVOL)
Unique ID{3EF1913B-A913-48FA-BEB7-F457B1FEFFDF}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Windows PowerShell scripts will run first
NameParameters
CopyAlteryxAddons.ps1
Security Settings
Local Policies/Security Options
Domain Member
PolicySetting
Domain member: Maximum machine account password age90 days
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
AuthmanLiteSupport (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-EU Beazley VDI Desktop PIO-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley VDI Desktop PIO-CP
Data collected on: 23/04/2025 10:47:34
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/07/2020 12:25:50
Modified08/11/2023 13:27:26
User Revisions3 (AD), 3 (SYSVOL)
Computer Revisions19 (AD), 19 (SYSVOL)
Unique ID{AB206AB9-8AF7-4758-A1D6-40963654B764}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Windows PowerShell scripts will run first
NameParameters
CopyAlteryxAddons.ps1
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
AuthmanLiteSupport (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-EU Beazley VDI Desktop PRD-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley VDI Desktop PRD-CP
Data collected on: 23/04/2025 10:47:34
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/07/2020 12:26:02
Modified30/05/2024 12:09:28
User Revisions3 (AD), 3 (SYSVOL)
Computer Revisions14 (AD), 14 (SYSVOL)
Unique ID{B7A6CFE5-4D8C-42AF-89EA-E15E0AD5CB6D}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
RMS DesktopsNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/RMS Desktops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Citrix.GPO.BlockCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Windows PowerShell scripts will run first
NameParameters
CopyAlteryxAddons.ps1
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
AuthmanLiteSupport (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-EU Beazley DEV Desktop PRD-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley DEV Desktop PRD-CP
Data collected on: 23/04/2025 10:47:35
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/08/2020 13:41:02
Modified22/10/2020 11:10:12
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{1EFF55B1-1CF6-4263-A1F7-F7D8F64CBAD6}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
EU Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD
EU Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
User Configuration (Enabled)
No settings defined.
CVAD-EU Beazley HSD Desktop ENG-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley HSD Desktop ENG-CP
Data collected on: 23/04/2025 10:47:35
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created10/09/2020 15:11:32
Modified24/06/2022 10:15:32
User Revisions18 (AD), 18 (SYSVOL)
Computer Revisions55 (AD), 55 (SYSVOL)
Unique ID{F86948EE-5291-4DC6-99A9-FD717029E6C6}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Domain Member
PolicySetting
Domain member: Maximum machine account password age90 days
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Use the hardware default graphics adapter for all Remote Desktop Services sessionsEnabled
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
DocVault.MetaStore.OutlookAddIn.UploadForm (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameDocVault.MetaStore.OutlookAddIn.UploadForm
Value typeREG_SZ
Value data=DocVault.MetaStore.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Beazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameBeazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion
Value typeREG_SZ
Value data=Beazley.Documents.Office2016.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AuthmanLiteSupport (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: Restart Windows Search Service)
Restart Windows Search Service (Order: 1)
General
ActionUpdate
Task
Name Restart Windows Search Service
Author BFL\x1_lg
Description Restarts Windows Search Service to resolve known issue with Server 2019
Run only when user is logged on S4U
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.2
Enabled Yes
Triggers
1. On an event
Activate 27/10/2021 11:08:23Synchronize across time zones No
Enabled Yes
Subscription <QueryList><Query Id="0" Path="Application"><Select Path="Application">*[System[Provider[@Name='Microsoft-Windows-Search-ProfileNotify'] and EventID=2]]</Select></Query></QueryList>
Actions
1. Start a program
Program/script powershell.exe
Arguments restart-service wsearch
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power Yes
Stop if the computer switches to battery power Yes
Allow task to be run on demand Yes
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
User Configuration (Disabled)
No settings defined.
CVAD-EU Beazley HSD Desktop PRD-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley HSD Desktop PRD-CP
Data collected on: 23/04/2025 10:47:35
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created10/09/2020 15:14:58
Modified08/06/2022 09:20:00
User Revisions6 (AD), 6 (SYSVOL)
Computer Revisions29 (AD), 29 (SYSVOL)
Unique ID{3983E51A-9864-411E-B9D6-D58D19A1E2D5}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Enable Automatic UpdatesDisabled
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Use the hardware default graphics adapter for all Remote Desktop Services sessionsEnabled
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
Beazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameBeazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion
Value typeREG_SZ
Value data=Beazley.Documents.Office2016.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DocVault.MetaStore.OutlookAddIn.UploadForm (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameDocVault.MetaStore.OutlookAddIn.UploadForm
Value typeREG_SZ
Value data=DocVault.MetaStore.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AuthmanLiteSupport (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: Restart Windows Search Service)
Restart Windows Search Service (Order: 1)
General
ActionUpdate
Task
Name Restart Windows Search Service
Author BFL\x1_lg
Description Restarts Windows Search Service to resolve known issue with Server 2019
Run only when user is logged on S4U
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.2
Enabled Yes
Triggers
1. On an event
Activate 27/10/2021 11:08:23Synchronize across time zones No
Enabled Yes
Subscription <QueryList><Query Id="0" Path="Application"><Select Path="Application">*[System[Provider[@Name='Microsoft-Windows-Search-ProfileNotify'] and EventID=2]]</Select></Query></QueryList>
Actions
1. Start a program
Program/script powershell.exe
Arguments restart-service wsearch
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power Yes
Stop if the computer switches to battery power Yes
Allow task to be run on demand Yes
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
User Configuration (Disabled)
No settings defined.
CVAD-EU Beazley HSD Desktop PIO-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley HSD Desktop PIO-CP
Data collected on: 23/04/2025 10:47:36
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created10/09/2020 15:15:42
Modified07/06/2022 16:13:50
User Revisions4 (AD), 4 (SYSVOL)
Computer Revisions23 (AD), 23 (SYSVOL)
Unique ID{1D724C16-FFCE-4B71-9899-89C05C4C89D6}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Enable Automatic UpdatesDisabled
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Use the hardware default graphics adapter for all Remote Desktop Services sessionsEnabled
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
Beazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameBeazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion
Value typeREG_SZ
Value data=Beazley.Documents.Office2016.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DocVault.MetaStore.OutlookAddIn.UploadForm (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameDocVault.MetaStore.OutlookAddIn.UploadForm
Value typeREG_SZ
Value data=DocVault.MetaStore.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AuthmanLiteSupport (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: Restart Windows Search Service)
Restart Windows Search Service (Order: 1)
General
ActionUpdate
Task
Name Restart Windows Search Service
Author BFL\x1_lg
Description Restarts Windows Search Service to resolve known issue with Server 2019
Run only when user is logged on S4U
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.2
Enabled Yes
Triggers
1. On an event
Activate 27/10/2021 11:08:23Synchronize across time zones No
Enabled Yes
Subscription <QueryList><Query Id="0" Path="Application"><Select Path="Application">*[System[Provider[@Name='Microsoft-Windows-Search-ProfileNotify'] and EventID=2]]</Select></Query></QueryList>
Actions
1. Start a program
Program/script powershell.exe
Arguments restart-service wsearch
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power Yes
Stop if the computer switches to battery power Yes
Allow task to be run on demand Yes
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
User Configuration (Disabled)
No settings defined.
CVAD-EU-Cloud VDA-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU-Cloud VDA-CP
Data collected on: 23/04/2025 10:47:36
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created23/09/2020 07:46:28
Modified02/10/2024 12:42:30
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions20 (AD), 20 (SYSVOL)
Unique ID{B6A9A4F2-CD78-4C1B-BF88-766ED98C9954}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Cloud VDANoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA
Cloud VDANoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Citrix.GPO.BlockCustomNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Files
File (Target Path: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eurobase Systems\Synergy Prod.lnk)
Synergy Prod.lnk (Order: 1)
General
ActionDelete
Properties
Destination fileC:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eurobase Systems\Synergy Prod.lnk
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry
ListOfDDCs (Order: 1)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Citrix\VirtualDesktopAgent
Value nameListOfDDCs
Value typeREG_SZ
Value dataEULONCTXCCC01.bfl.local EULONCTXCCC02.bfl.local EULONCTXCCC03.bfl.local EUDUBCTXCCC01.bfl.local EUDUBCTXCCC02.bfl.local EUDUBCTXCCC03.bfl.local
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ServerAddress (Order: 2)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\NVIDIA Corporation\Global\GridLicensing
Value nameServerAddress
Value typeREG_SZ
Value dataeulonctxlic01.bfl.local
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
BackupServerAddress (Order: 3)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\NVIDIA Corporation\Global\GridLicensing
Value nameBackupServerAddress
Value typeREG_SZ
Value dataeudubctxlic01.bfl.local
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
GBL CTX-Server OS-ControlUpAudit
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL CTX-Server OS-ControlUpAudit
Data collected on: 23/04/2025 10:47:36
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created24/09/2020 15:45:40
Modified24/09/2020 17:06:48
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{90CF55F2-052D-45D9-93DC-AFFCEBE96010}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit logon eventsSuccess
Audit process trackingSuccess, Failure
Local Policies/Security Options
Other
PolicySetting
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsEnabled
Advanced Audit Configuration
Detailed Tracking
PolicySetting
Audit Process CreationSuccess
Audit Process TerminationSuccess
Logon/Logoff
PolicySetting
Audit LogonSuccess
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Audit Process Creation
PolicySettingComment
Include command line in process creation eventsEnabled
Preferences
Windows Settings
Registry
MaxSize (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-GroupPolicy/Operational
Value nameMaxSize
Value typeREG_DWORD
Value data0x3200000 (52428800)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
MaxSize (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-PrintService/Operational
Value nameMaxSize
Value typeREG_DWORD
Value data0x3200000 (52428800)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-PrintService/Operational
Value nameEnabled
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
CVAD-EU-LON-FAS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU-LON-FAS
Data collected on: 23/04/2025 10:47:36
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created22/10/2020 11:02:04
Modified30/03/2021 17:43:24
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{5119106C-BEFA-49FA-92DA-C854DED11DAF}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
FASNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/CVAD/FAS
StoreFrontNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/CVAD/StoreFront

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Authentication
PolicySettingComment
Federated Authentication ServiceEnabled
List the installed servers in your environment.
DNS Addresses
eulonctxfas01.bfl.local
eulonctxfas02.bfl.local
User Configuration (Enabled)
No settings defined.
CVAD-EU-DUB-FAS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU-DUB-FAS
Data collected on: 23/04/2025 10:47:37
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created22/10/2020 11:04:18
Modified30/03/2021 17:41:34
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions5 (AD), 5 (SYSVOL)
Unique ID{8C978853-96DC-40C3-BC89-27D03998335B}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
FASNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions/CVAD/FAS
StoreFrontNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions/CVAD/StoreFront

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Authentication
PolicySettingComment
Federated Authentication ServiceEnabled
List the installed servers in your environment.
DNS Addresses
eudubctxfas01.bfl.local
eudubctxfas02.bfl.local
User Configuration (Enabled)
No settings defined.
CVAD-GL-Enable O365 Updates-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-Enable O365 Updates-CP
Data collected on: 23/04/2025 10:47:37
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created26/10/2020 13:41:08
Modified11/03/2022 10:35:34
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions8 (AD), 8 (SYSVOL)
Unique ID{1D5ECC98-0287-4215-B8A4-F1C6C33B5413}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
US Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL
EU Beazley P-VDI Desktop DEV - W11 - TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11 - TPL
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
US Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Enable Automatic UpdatesEnabled
Update ChannelEnabled
Channel Name:Monthly Enterprise Channel
PolicySettingComment
Update PathEnabled
Location for updates:\\bfl.local\dfsroot\EUT\O365\CVAD\SetupMEC\
User Configuration (Disabled)
No settings defined.
CVAD-EU-Desktop OS-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU-Desktop OS-CP
Data collected on: 23/04/2025 10:47:37
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created06/01/2021 09:24:58
Modified24/06/2022 10:51:14
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions8 (AD), 8 (SYSVOL)
Unique ID{24DDE034-80FD-4A1B-9B82-F9B35860A04A}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Desktop OSNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS
Desktop OSNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS
RMS DesktopsNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/RMS Desktops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit logon eventsSuccess
Audit process trackingSuccess, Failure
Local Policies/Security Options
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (always)Enabled
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (always)Enabled
Microsoft network server: Digitally sign communications (if client agrees)Enabled
Network Access
PolicySetting
Network access: Do not allow anonymous enumeration of SAM accounts and sharesEnabled
Network Security
PolicySetting
Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Network security: Minimum session security for NTLM SSP based (including secure RPC) serversEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Other
PolicySetting
Accounts: Block Microsoft accountsUsers can't add Microsoft accounts
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Citrix Workspace/StoreFront
PolicySettingComment
NetScaler Gateway URL/StoreFront Accounts ListEnabled
Enter the NetScaler Gateway/StoreFront account details here:
AppPubStore;https://citrix/Citrix/AppPub/discovery;On;Store for Published Apps
Windows Components/Delivery Optimization
PolicySettingComment
Download ModeEnabled
Download Mode:None
Windows Components/News and interests
PolicySettingComment
Enable news and interests on the taskbarDisabled
User Configuration (Enabled)
No settings defined.
BFL SpaceStor
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL SpaceStor
Data collected on: 23/04/2025 10:47:37
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created24/02/2021 18:06:38
Modified25/02/2021 10:10:56
User Revisions7 (AD), 7 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{2CA4AFE8-AA10-46EE-8017-A4BAD08236F0}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
SpaceStorNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/SpaceStor

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Group Policy
PolicySettingComment
Configure user Group Policy loopback processing modeEnabled
Mode:Replace
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Internet Explorer/Internet Control Panel/Security Page
PolicySettingComment
Site to Zone Assignment ListEnabled
Enter the zone assignments here. 
http://localhost1
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsPrompt
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsPrompt
CVAD-US-HAW-FAS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US-HAW-FAS
Data collected on: 23/04/2025 10:47:37
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created29/03/2021 20:11:36
Modified18/04/2021 18:01:38
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{9F66F857-CDFE-491D-AD85-1DFF343E9331}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
FASNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions/CVAD/FAS
StoreFrontNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions/CVAD/StoreFront

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Authentication
PolicySettingComment
Federated Authentication ServiceEnabled
List the installed servers in your environment.
DNS Addresses
ushawctxfas01.bfl.local
ushawctxfas02.bfl.local
User Configuration (Enabled)
No settings defined.
CVAD-US-MAR-FAS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US-MAR-FAS
Data collected on: 23/04/2025 10:47:37
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created29/03/2021 20:24:36
Modified18/04/2021 19:32:16
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{26800BDD-C954-4A1B-A925-947ABF893F44}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
FASNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions/CVAD/FAS
StoreFrontNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions/CVAD/StoreFront

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Authentication
PolicySettingComment
Federated Authentication ServiceEnabled
List the installed servers in your environment.
DNS Addresses
usmarctxfas01.bfl.local
usmarctxfas02.bfl.local
User Configuration (Enabled)
No settings defined.
CVAD-US-Cloud VDA-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US-Cloud VDA-CP
Data collected on: 23/04/2025 10:47:37
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:19:34
Modified07/04/2021 11:25:50
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions17 (AD), 17 (SYSVOL)
Unique ID{9CD65FD9-3CEA-4B9B-AC9C-F995451F5132}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Cloud VDANoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA
Cloud VDANoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Registry
ListOfDDCs (Order: 1)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Citrix\VirtualDesktopAgent
Value nameListOfDDCs
Value typeREG_SZ
Value dataUSHAWCTXCCC01.bfl.local USHAWCTXCCC02.bfl.local USHAWCTXCCC03.bfl.local USMARCTXCCC01.bfl.local USMARCTXCCC02.bfl.local USMARCTXCCC03.bfl.local
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ServerAddress (Order: 2)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\NVIDIA Corporation\Global\GridLicensing
Value nameServerAddress
Value typeREG_SZ
Value dataushawctxlic01.bfl.local
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
BackupServerAddress (Order: 3)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\NVIDIA Corporation\Global\GridLicensing
Value nameBackupServerAddress
Value typeREG_SZ
Value datausmarctxlic01.bfl.local
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
CVAD-US-Desktop OS-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US-Desktop OS-CP
Data collected on: 23/04/2025 10:47:37
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:20:48
Modified09/05/2024 13:55:48
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions13 (AD), 13 (SYSVOL)
Unique ID{4D37F0B0-4559-42EC-8EAB-66E9167D7900}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Desktop OSNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS
Desktop OSNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit logon eventsSuccess
Audit process trackingSuccess, Failure
Local Policies/Security Options
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (always)Enabled
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (always)Enabled
Microsoft network server: Digitally sign communications (if client agrees)Enabled
Network Access
PolicySetting
Network access: Do not allow anonymous enumeration of SAM accounts and sharesEnabled
Network Security
PolicySetting
Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Network security: Minimum session security for NTLM SSP based (including secure RPC) serversEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Other
PolicySetting
Accounts: Block Microsoft accountsUsers can't add Microsoft accounts
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsEnabled
Advanced Audit Configuration
Detailed Tracking
PolicySetting
Audit Process CreationSuccess
Audit Process TerminationSuccess
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Citrix Workspace/StoreFront
PolicySettingComment
NetScaler Gateway URL/StoreFront Accounts ListEnabled
Enter the NetScaler Gateway/StoreFront account details here:
AppPubStore;https://citrix/Citrix/AppPub/discovery;On;Store for Published Apps
System/Audit Process Creation
PolicySettingComment
Include command line in process creation eventsEnabled
Windows Components/Delivery Optimization
PolicySettingComment
Download ModeEnabled
Download Mode:None
Windows Components/News and interests
PolicySettingComment
Enable news and interests on the taskbarDisabled
User Configuration (Enabled)
No settings defined.
CVAD-US Beazley VDI Desktop ENG-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US Beazley VDI Desktop ENG-CP
Data collected on: 23/04/2025 10:47:38
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:29:26
Modified08/11/2023 11:32:40
User Revisions35 (AD), 35 (SYSVOL)
Computer Revisions21 (AD), 21 (SYSVOL)
Unique ID{1ACB40F2-C470-4C2F-A35A-8469B5195D16}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
AuthmanLiteSupport (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-US Beazley VDI Desktop PIO-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US Beazley VDI Desktop PIO-CP
Data collected on: 23/04/2025 10:47:38
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:30:28
Modified08/11/2023 11:33:00
User Revisions35 (AD), 35 (SYSVOL)
Computer Revisions21 (AD), 21 (SYSVOL)
Unique ID{C3289FBE-8D20-45B0-848D-E37BD0117138}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
AuthmanLiteSupport (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-US Beazley VDI Desktop PRD-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US Beazley VDI Desktop PRD-CP
Data collected on: 23/04/2025 10:47:38
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:30:50
Modified08/06/2022 10:26:10
User Revisions35 (AD), 35 (SYSVOL)
Computer Revisions19 (AD), 19 (SYSVOL)
Unique ID{5E8CACAA-FA1D-4EFB-9BA7-F3F6CEB2EF09}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
AuthmanLiteSupport (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-US-Server OS-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US-Server OS-CP
Data collected on: 23/04/2025 10:47:38
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:33:04
Modified22/05/2024 08:05:42
User Revisions14 (AD), 14 (SYSVOL)
Computer Revisions34 (AD), 34 (SYSVOL)
Unique ID{142EFDCC-DFF5-46AF-BDA8-78247CC9E652}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
Server OSNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS
Server OSNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Citrix.GPO.BlockReadNo
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit logon eventsSuccess
Audit process trackingSuccess, Failure
Local Policies/Security Options
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (always)Enabled
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (always)Enabled
Microsoft network server: Digitally sign communications (if client agrees)Enabled
Network Access
PolicySetting
Network access: Do not allow anonymous enumeration of SAM accounts and sharesEnabled
Network Security
PolicySetting
Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Network security: Minimum session security for NTLM SSP based (including secure RPC) serversEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Other
PolicySetting
Accounts: Block Microsoft accountsUsers can't add Microsoft accounts
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Citrix Workspace/StoreFront
PolicySettingComment
NetScaler Gateway URL/StoreFront Accounts ListEnabled
Enter the NetScaler Gateway/StoreFront account details here:
AppPubStore;https://citrix/Citrix/AppPub/discovery;On;Store for Published Apps
System/User Profiles
PolicySettingComment
Delete cached copies of roaming profilesEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Licensing
PolicySettingComment
Set the Remote Desktop licensing modeEnabled
Specify the licensing mode for the RD Session Host server.Per User
PolicySettingComment
Use the specified Remote Desktop license serversEnabled
License servers to use:eulonctxlic01.bfl.local
Separate license server names with commas.
Example: Server1,Server2.example.com,192.168.1.1
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for active but idle Remote Desktop Services sessionsEnabled
Idle session limit:6 hours
PolicySettingComment
Set time limit for disconnected sessionsEnabled
End a disconnected session1 day
Preferences
Control Panel Settings
Services
Service (Name: WSearch)
WSearch (Order: 1)
General
Service nameWSearch
ActionNo change
Startup type:Automatic (Delayed Start)
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Service (Name: cuAgent)
cuAgent (Order: 2)
General
Service namecuAgent
ActionNo change
Startup type:No change
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:Restart the service
Second failure:Restart the service
Subsequent failures:Restart the service
Reset fail count after:0 days
Restart service after:1 minute
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
CVAD-US Beazley DEV Desktop PRD-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US Beazley DEV Desktop PRD-CP
Data collected on: 23/04/2025 10:47:38
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:34:06
Modified21/05/2021 11:37:40
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{F756072C-AE66-4FBF-BA40-E44951F8E21B}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
US Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley DEV Desktop PRD
US Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley DEV Desktop PRD

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
User Configuration (Enabled)
No settings defined.
CVAD-US Beazley HSD Desktop ENG-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US Beazley HSD Desktop ENG-CP
Data collected on: 23/04/2025 10:47:39
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:36:10
Modified07/06/2022 16:18:48
User Revisions10 (AD), 10 (SYSVOL)
Computer Revisions35 (AD), 35 (SYSVOL)
Unique ID{AE965973-A409-4892-B3AD-00233EC78621}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Not configured
NameParameters
\\bfl.local\sysvol\bfl.local\Policies\{AE965973-A409-4892-B3AD-00233EC78621}\Machine\Scripts\Startup\CopyCIPSfromNetworkToLocalDisk.bat
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Enable Automatic UpdatesDisabled
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Group Policy
PolicySettingComment
Configure Logon Script DelayEnabled
minute:0
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Use the hardware default graphics adapter for all Remote Desktop Services sessionsEnabled
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
Beazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameBeazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion
Value typeREG_SZ
Value data=Beazley.Documents.Office2016.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DocVault.MetaStore.OutlookAddIn.UploadForm (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameDocVault.MetaStore.OutlookAddIn.UploadForm
Value typeREG_SZ
Value data=DocVault.MetaStore.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AuthmanLiteSupport (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: Restart Windows Search Service)
Restart Windows Search Service (Order: 1)
General
ActionUpdate
Task
Name Restart Windows Search Service
Author BFL\x1_lg
Description Restarts Windows Search Service to resolve known issue with Server 2019
Run only when user is logged on S4U
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.2
Enabled Yes
Triggers
1. On an event
Activate 27/10/2021 11:08:23Synchronize across time zones No
Enabled Yes
Subscription <QueryList><Query Id="0" Path="Application"><Select Path="Application">*[System[Provider[@Name='Microsoft-Windows-Search-ProfileNotify'] and EventID=2]]</Select></Query></QueryList>
Actions
1. Start a program
Program/script powershell.exe
Arguments restart-service wsearch
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power Yes
Stop if the computer switches to battery power Yes
Allow task to be run on demand Yes
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
User Configuration (Disabled)
No settings defined.
CVAD-US Beazley HSD Desktop PIO-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US Beazley HSD Desktop PIO-CP
Data collected on: 23/04/2025 10:47:39
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:36:24
Modified07/06/2022 16:19:24
User Revisions6 (AD), 6 (SYSVOL)
Computer Revisions29 (AD), 29 (SYSVOL)
Unique ID{ABF27844-1141-47D8-8FA7-5125C7AEA5AE}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Enable Automatic UpdatesDisabled
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Use the hardware default graphics adapter for all Remote Desktop Services sessionsEnabled
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
Beazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameBeazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion
Value typeREG_SZ
Value data=Beazley.Documents.Office2016.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DocVault.MetaStore.OutlookAddIn.UploadForm (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameDocVault.MetaStore.OutlookAddIn.UploadForm
Value typeREG_SZ
Value data=DocVault.MetaStore.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AuthmanLiteSupport (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: Restart Windows Search Service)
Restart Windows Search Service (Order: 1)
General
ActionUpdate
Task
Name Restart Windows Search Service
Author BFL\x1_lg
Description Restarts Windows Search Service to resolve known issue with Server 2019
Run only when user is logged on S4U
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.2
Enabled Yes
Triggers
1. On an event
Activate 27/10/2021 11:08:23Synchronize across time zones No
Enabled Yes
Subscription <QueryList><Query Id="0" Path="Application"><Select Path="Application">*[System[Provider[@Name='Microsoft-Windows-Search-ProfileNotify'] and EventID=2]]</Select></Query></QueryList>
Actions
1. Start a program
Program/script powershell.exe
Arguments restart-service wsearch
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power Yes
Stop if the computer switches to battery power Yes
Allow task to be run on demand Yes
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
User Configuration (Disabled)
No settings defined.
CVAD-US Beazley HSD Desktop PRD-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-US Beazley HSD Desktop PRD-CP
Data collected on: 23/04/2025 10:47:40
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/04/2021 11:36:32
Modified08/06/2022 09:19:14
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions28 (AD), 28 (SYSVOL)
Unique ID{B74F6691-CB83-49E6-927D-5B7A018572ED}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
US Beazley HSD Desktop LGCNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop LGC
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Enable Automatic UpdatesDisabled
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvus
Publishing Server URL http://appvus.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap260.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
bfl\Rol.Sec_DesktopInfra
bfl\Rol.Sec_ServiceDesk
bfl\Rol.Sec_Infrastructure
bfl\App.ServiceNow.Rating_Team_Support
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Use the hardware default graphics adapter for all Remote Desktop Services sessionsEnabled
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
Beazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameBeazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion
Value typeREG_SZ
Value data=Beazley.Documents.Office2016.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DocVault.MetaStore.OutlookAddIn.UploadForm (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameDocVault.MetaStore.OutlookAddIn.UploadForm
Value typeREG_SZ
Value data=DocVault.MetaStore.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AuthmanLiteSupport (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value nameAuthmanLiteSupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
PWASupport (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Citrix\Dazzle
Value namePWASupport
Value typeREG_SZ
Value datafalse
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: Restart Windows Search Service)
Restart Windows Search Service (Order: 1)
General
ActionUpdate
Task
Name Restart Windows Search Service
Author BFL\x1_lg
Description Restarts Windows Search Service to resolve known issue with Server 2019
Run only when user is logged on S4U
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.2
Enabled Yes
Triggers
1. On an event
Activate 27/10/2021 11:08:23Synchronize across time zones No
Enabled Yes
Subscription <QueryList><Query Id="0" Path="Application"><Select Path="Application">*[System[Provider[@Name='Microsoft-Windows-Search-ProfileNotify'] and EventID=2]]</Select></Query></QueryList>
Actions
1. Start a program
Program/script powershell.exe
Arguments restart-service wsearch
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power Yes
Stop if the computer switches to battery power Yes
Allow task to be run on demand Yes
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
User Configuration (Disabled)
No settings defined.
CVAD-LON FSLogix-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-LON FSLogix-CP
Data collected on: 23/04/2025 10:47:40
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/05/2021 13:37:24
Modified27/04/2022 12:21:48
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions7 (AD), 7 (SYSVOL)
Unique ID{FFEF2CF5-CA6E-46E1-B826-A68D63FBF027}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\sec.citrix.fslogix.odfc.enabledFSLogix ODFC Include List
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix/Office 365 Containers
PolicySettingComment
Dynamic VHD(X) allocationEnabled
Dynamic VHD(X) allocationEnabled
PolicySettingComment
EnabledEnabled
EnabledEnabled
PolicySettingComment
Include Office activation data in containerDisabled
Include Office cache data in containerDisabled
Include OneDrive data in containerDisabled
Include OneNote data in containerDisabled
Include OneNote UWP notebook data in containerDisabled
Include Outlook data in containerEnabled
Include Outlook data in containerEnabled
PolicySettingComment
Include Outlook personalization data in containerDisabled
Include Sharepoint data in containerDisabled
Include Skype data in containerDisabled
Include Teams data in containerDisabled
Number of per-Session VHDs to persistEnabled
Number of per-Session VHDs to persist2
PolicySettingComment
Store search database in Office 365 containerEnabled
Disabled
PolicySettingComment
VHD access typeEnabled
Unique disk per session
PolicySettingComment
Virtual disk typeEnabled
VHDX
FSLogix/Office 365 Containers/Advanced
PolicySettingComment
Prevent login with failureEnabled
Prevent login with failureEnabled
PolicySettingComment
Prevent login with temporary profileEnabled
Prevent login with temporary profileEnabled
PolicySettingComment
Remove Orphaned OST Files On LogoffEnabled
Remove Orphaned OST Files On LogoffEnabled
FSLogix/Office 365 Containers/Cloud Cache
PolicySettingComment
Clear local cache on logoffEnabled
Clear local cache on logoffEnabled
PolicySettingComment
Cloud Cache LocationsEnabled
Cloud Cache Locationstype=smb,connectionString=\\bfl.local\eu-lon-fslogix\Office-Containers;type=smb,connectionString=\\bfl.local\eu-dub-fslogix\Office-Containers
FSLogix/Office 365 Containers/Container and Directory Naming
PolicySettingComment
Swap directory name componentsEnabled
Swap directory name componentsEnabled
User Configuration (Enabled)
No settings defined.
CVAD-DUB FSLogix-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-DUB FSLogix-CP
Data collected on: 23/04/2025 10:47:40
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/05/2021 13:44:20
Modified20/05/2024 15:10:46
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions26 (AD), 26 (SYSVOL)
Unique ID{3F08784C-556E-44F3-A6FC-A7A3A4E915B2}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Citrix.GPO.BlockCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\sec.citrix.fslogix.odfc.enabledFSLogix ODFC Include List
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix/Office 365 Containers
PolicySettingComment
Dynamic VHD(X) allocationEnabled
Dynamic VHD(X) allocationEnabled
PolicySettingComment
EnabledEnabled
EnabledEnabled
PolicySettingComment
Include Office activation data in containerDisabled
Include Office cache data in containerDisabled
Include OneDrive data in containerDisabled
Include OneNote data in containerDisabled
Include OneNote UWP notebook data in containerDisabled
Include Outlook data in containerEnabled
Include Outlook data in containerEnabled
PolicySettingComment
Include Outlook personalization data in containerDisabled
Include Sharepoint data in containerDisabled
Include Skype data in containerDisabled
Include Teams data in containerDisabled
Number of per-Session VHDs to persistEnabled
Number of per-Session VHDs to persist2
PolicySettingComment
Store search database in Office 365 containerEnabled
Disabled
PolicySettingComment
VHD access typeEnabled
Unique disk per session
PolicySettingComment
Virtual disk typeEnabled
VHDX
FSLogix/Office 365 Containers/Advanced
PolicySettingComment
Prevent login with failureEnabled
Prevent login with failureEnabled
PolicySettingComment
Prevent login with temporary profileEnabled
Prevent login with temporary profileEnabled
PolicySettingComment
Remove Orphaned OST Files On LogoffEnabled
Remove Orphaned OST Files On LogoffEnabled
FSLogix/Office 365 Containers/Cloud Cache
PolicySettingComment
Clear local cache on logoffEnabled
Clear local cache on logoffEnabled
PolicySettingComment
Cloud Cache LocationsEnabled
Cloud Cache Locationstype=smb,connectionString=\\bfl.local\eu-dub-fslogix\Office-Containers;type=smb,connectionString=\\bfl.local\eu-lon-fslogix\Office-Containers
FSLogix/Office 365 Containers/Container and Directory Naming
PolicySettingComment
Swap directory name componentsEnabled
Swap directory name componentsEnabled
User Configuration (Enabled)
No settings defined.
CVAD-HAW FSLogix-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-HAW FSLogix-CP
Data collected on: 23/04/2025 10:47:40
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created04/06/2021 14:24:00
Modified14/01/2022 13:01:18
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions26 (AD), 26 (SYSVOL)
Unique ID{6D19CAB8-18B9-4AD6-B35A-37D2E811A0B2}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\sec.citrix.fslogix.odfc.enabledFSLogix ODFC Include List
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix/Office 365 Containers
PolicySettingComment
Dynamic VHD(X) allocationEnabled
Dynamic VHD(X) allocationEnabled
PolicySettingComment
EnabledEnabled
EnabledEnabled
PolicySettingComment
Include Office activation data in containerDisabled
Include Office cache data in containerDisabled
Include OneDrive data in containerDisabled
Include OneNote data in containerDisabled
Include OneNote UWP notebook data in containerDisabled
Include Outlook data in containerEnabled
Include Outlook data in containerEnabled
PolicySettingComment
Include Outlook personalization data in containerDisabled
Include Sharepoint data in containerDisabled
Include Skype data in containerDisabled
Include Teams data in containerDisabled
Number of per-Session VHDs to persistEnabled
Number of per-Session VHDs to persist2
PolicySettingComment
Store search database in Office 365 containerEnabled
Disabled
PolicySettingComment
VHD access typeEnabled
Unique disk per session
PolicySettingComment
Virtual disk typeEnabled
VHDX
FSLogix/Office 365 Containers/Advanced
PolicySettingComment
Prevent login with failureEnabled
Prevent login with failureEnabled
PolicySettingComment
Prevent login with temporary profileEnabled
Prevent login with temporary profileEnabled
PolicySettingComment
Remove Orphaned OST Files On LogoffEnabled
Remove Orphaned OST Files On LogoffEnabled
FSLogix/Office 365 Containers/Cloud Cache
PolicySettingComment
Clear local cache on logoffEnabled
Clear local cache on logoffEnabled
PolicySettingComment
Cloud Cache LocationsEnabled
Cloud Cache Locationstype=smb,connectionString=\\bfl.local\us-haw-fslogix\Office-Containers;type=smb,connectionString=\\bfl.local\us-mar-fslogix\Office-Containers
FSLogix/Office 365 Containers/Container and Directory Naming
PolicySettingComment
Swap directory name componentsEnabled
Swap directory name componentsEnabled
User Configuration (Enabled)
No settings defined.
CVAD-MAR FSLogix-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-MAR FSLogix-CP
Data collected on: 23/04/2025 10:47:40
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created04/06/2021 14:24:12
Modified15/04/2024 13:15:02
User Revisions5 (AD), 5 (SYSVOL)
Computer Revisions26 (AD), 26 (SYSVOL)
Unique ID{91FD5A12-0D67-485D-A3AC-CC8FE2EF3997}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Citrix.GPO.BlockCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\sec.citrix.fslogix.odfc.enabledFSLogix ODFC Include List
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix/Office 365 Containers
PolicySettingComment
Dynamic VHD(X) allocationEnabled
Dynamic VHD(X) allocationEnabled
PolicySettingComment
EnabledEnabled
EnabledEnabled
PolicySettingComment
Include Office activation data in containerDisabled
Include Office cache data in containerDisabled
Include OneDrive data in containerDisabled
Include OneNote data in containerDisabled
Include OneNote UWP notebook data in containerDisabled
Include Outlook data in containerEnabled
Include Outlook data in containerEnabled
PolicySettingComment
Include Outlook personalization data in containerDisabled
Include Sharepoint data in containerDisabled
Include Skype data in containerDisabled
Include Teams data in containerDisabled
Number of per-Session VHDs to persistEnabled
Number of per-Session VHDs to persist2
PolicySettingComment
Store search database in Office 365 containerEnabled
Disabled
PolicySettingComment
VHD access typeEnabled
Unique disk per session
PolicySettingComment
Virtual disk typeEnabled
VHDX
FSLogix/Office 365 Containers/Advanced
PolicySettingComment
Prevent login with failureEnabled
Prevent login with failureEnabled
PolicySettingComment
Prevent login with temporary profileEnabled
Prevent login with temporary profileEnabled
PolicySettingComment
Remove Orphaned OST Files On LogoffEnabled
Remove Orphaned OST Files On LogoffEnabled
FSLogix/Office 365 Containers/Cloud Cache
PolicySettingComment
Clear local cache on logoffEnabled
Clear local cache on logoffEnabled
PolicySettingComment
Cloud Cache LocationsEnabled
Cloud Cache Locationstype=smb,connectionString=\\bfl.local\us-mar-fslogix\Office-Containers;type=smb,connectionString=\\bfl.local\us-haw-fslogix\Office-Containers
FSLogix/Office 365 Containers/Container and Directory Naming
PolicySettingComment
Swap directory name componentsEnabled
Swap directory name componentsEnabled
User Configuration (Enabled)
No settings defined.
GBL Cohesity Backup Agent
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL Cohesity Backup Agent
Data collected on: 23/04/2025 10:47:40
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created18/06/2021 12:47:26
Modified18/06/2021 12:50:24
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{2A8DF65F-F3B8-46D2-9FA3-89ED59373074}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
ExchangeNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions/Exchange
ExchangeNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions/Exchange

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/User Rights Assignment
PolicySetting
Log on as a serviceBFL\2013Admin
User Configuration (Disabled)
No settings defined.
BFL Stop-Disable Print Spooler
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Stop-Disable Print Spooler
Data collected on: 23/04/2025 10:47:41
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created01/07/2021 17:48:58
Modified09/11/2021 17:27:50
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{DFBEB3FE-666D-4E75-AD5E-0CC76A0B3A23}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
S-1-5-21-58594938-1633628789-801526373-125606CustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
System Services
Print Spooler (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
User Configuration (Enabled)
No settings defined.
AD Security Assessment
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
AD Security Assessment
Data collected on: 23/04/2025 10:47:41
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created15/07/2021 10:50:02
Modified03/02/2022 10:56:10
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{8EB9E9A7-DA23-466D-8E27-B627ACCBCB74}
GPO StatusAll settings disabled
Links
LocationEnforcedLink StatusPath
Domain ControllersNoEnabledbfl.local/Domain Controllers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Disabled)
Policies
Windows Settings
Security Settings
System Services
Windows Remote Management (WS-Management) (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.26
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Inbound Rules
NameDescription
ADSecurityAssessmentToolsMachine
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
ProtocolAny
Local portAny
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scope10.183.19.14, 10.183.19.19
ProfileDomain
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Windows Remote Management (WinRM)/WinRM Service
PolicySettingComment
Allow remote server management through WinRMEnabled
IPv4 filter:
IPv6 filter:
Syntax:
Type "*" to allow messages from any IP address, or leave the
field empty to listen on no IP address. You can specify one
or more ranges of IP addresses.
Example IPv4 filters:
2.0.0.1-2.0.0.20, 24.0.0.1-24.0.0.22
*
Example IPv6 filters:
3FFE:FFFF:7654:FEDA:1245:BA98:0000:0000-3FFE:FFFF:7654:FEDA:1245:BA98:3210:4562
*
User Configuration (Disabled)
No settings defined.
GBL AD LAPS Policy
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GBL AD LAPS Policy
Data collected on: 23/04/2025 10:47:41
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created30/09/2021 14:36:54
Modified30/09/2021 16:04:46
User Revisions3 (AD), 3 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{50C34DF9-CD32-455E-90E9-A86B267500E8}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Accounts ComputerNoEnabledbfl.local/Accounts Computer
US Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley DEV Desktop PRD
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
EU Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox
US Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley DEV Desktop PRD
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Not configured
NameParameters
\\bfl.local\SYSVOL\bfl.local\LAPSDistro\Register_AdmPwdDLL.bat
Security Settings
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Rename administrator account"Letmein"
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
LAPS
PolicySettingComment
Do not allow password expiration time longer than required by policyEnabled
Enable local admin password managementEnabled
Password SettingsEnabled
Password ComplexityLarge letters + small letters + numbers + specials
Password Length10
Password Age (Days)30
Preferences
Windows Settings
Files
File (Target Path: C:\Windows\SysWOW64\AdmPwd.dll)
AdmPwd.dll (Order: 1)
General
ActionReplace
Properties
Source file(s)\\bfl.local\SYSVOL\bfl.local\LAPSDistro\AdmPwd.dll
Destination fileC:\Windows\SysWOW64\AdmPwd.dll
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-GL-AD LAPS
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-AD LAPS
Data collected on: 23/04/2025 10:47:41
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created03/11/2021 10:56:30
Modified11/01/2023 16:09:52
User Revisions7 (AD), 7 (SYSVOL)
Computer Revisions7 (AD), 7 (SYSVOL)
Unique ID{1050A9CA-95CC-485E-A0BC-BFFFEADA51C2}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11
US Beazley VDI Desktop TPLNoDisabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop LGCNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop LGC
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
US Beazley HSD Desktop TPLNoDisabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley P-VDI Desktop DEV - W11 - TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11 - TPL
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop ENG - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG - W11
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
EU Beazley VDI Desktop TPLNoDisabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop TPLNoDisabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
EU Beazley P-VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD - W11
EU Beazley VDI Desktop TPLNoDisabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
RMS DesktopsNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/RMS Desktops
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop TPLNoDisabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
US Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop DEV - W11
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PRD - W11NoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD - W11
US Beazley VDI Desktop TPLNoDisabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
US Beazley HSD Desktop TPLNoDisabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Shutdown
For this GPO, Script order: Not configured
NameParameters
LAPS-ResetPassword.ps1
Security Settings
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Rename administrator account"Letmein"
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
LAPS
PolicySettingComment
Do not allow password expiration time longer than required by policyEnabled
Enable local admin password managementEnabled
Password SettingsEnabled
Password ComplexityLarge letters + small letters + numbers + specials
Password Length12
Password Age (Days)90
Windows Components/Windows PowerShell
PolicySettingComment
Turn on Script ExecutionEnabled
Execution PolicyAllow local scripts and remote signed scripts
User Configuration (Disabled)
No settings defined.
CVAD-GL-OneDrive-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-OneDrive-CP
Data collected on: 23/04/2025 10:47:41
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created16/11/2021 15:42:54
Modified15/04/2024 13:15:36
User Revisions18 (AD), 18 (SYSVOL)
Computer Revisions18 (AD), 18 (SYSVOL)
Unique ID{51A32AC8-6778-4D07-8F4D-4AA317E99875}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
RMS DesktopsNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/RMS Desktops
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Citrix.GPO.BlockCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
System Services
OneDrive Updater Service (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix/Office 365 Containers
PolicySettingComment
Include OneDrive data in containerEnabled
Include OneDrive data in containerEnabled
PolicySettingComment
Include Sharepoint data in containerEnabled
Include Sharepoint data in containerEnabled
OneDrive
PolicySettingComment
Allow syncing OneDrive accounts for only specific organizationsEnabled
Specify tenant ID
In the Value field, enter the tenant ID you want to add to this list.
Tenant ID:
9a50eba8-7568-447a-bcb9-27a0d464aa80
PolicySettingComment
Block file downloads when users are low on disk spaceEnabled
In the Value field, enter the minimum amount of disk space you want to leave available.
Valid values are from 0 through 10240000 MB
Minimum available disk space:1024
PolicySettingComment
Prevent users from moving their Windows known folders to OneDriveEnabled
Prevent users from syncing libraries and folders shared from other organizationsEnabled
Require users to confirm large delete operationsEnabled
Set the sync app update ringEnabled
Update ring:Enterprise
PolicySettingComment
Silently sign in users to the OneDrive sync app with their Windows credentialsEnabled
Use OneDrive Files On-DemandEnabled
System/Storage Sense
PolicySettingComment
Allow Storage SenseEnabled
Allow Storage Sense Temporary Files cleanupDisabled
Configure Storage Sense cadenceEnabled
Run Storage Sense: 
PolicySettingComment
Configure Storage Sense Cloud Content dehydration thresholdEnabled
Number of days since a cloud-backed file has been opened before Storage Sense will dehydrate it (0 is never dehydrating files): 
Windows Components/OneDrive
PolicySettingComment
Prevent the usage of OneDrive for file storageDisabled
User Configuration (Enabled)
No settings defined.
CVAD-GL-FSLogix-CP(Search Roam Disabled)
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-FSLogix-CP(Search Roam Disabled)
Data collected on: 23/04/2025 10:47:41
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created03/12/2021 09:59:42
Modified03/12/2021 11:37:46
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions3 (AD), 3 (SYSVOL)
Unique ID{D3CD5762-9836-436A-AC19-E6C34549F61A}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
BFL\EUDUBHSDW19$
BFL\EUDUBVDIW10$
BFL\EULONHSDW19$
BFL\EULONVDIW10$
BFL\USHAWHSDW19$
BFL\USHAWVDIW10$
BFL\USMARHSDW19$
BFL\USMARVDIW10$
S-1-5-21-58594938-1633628789-801526373-117739
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
BFL\EUDUBHSDW19$Read (from Security Filtering)No
BFL\EUDUBVDIW10$Read (from Security Filtering)No
BFL\EULONHSDW19$Read (from Security Filtering)No
BFL\EULONVDIW10$Read (from Security Filtering)No
BFL\USHAWHSDW19$Read (from Security Filtering)No
BFL\USHAWVDIW10$Read (from Security Filtering)No
BFL\USMARHSDW19$Read (from Security Filtering)No
BFL\USMARVDIW10$Read (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
S-1-5-21-58594938-1633628789-801526373-117739Read (from Security Filtering)No
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix/Office 365 Containers
PolicySettingComment
Store search database in Office 365 containerEnabled
Disabled
User Configuration (Enabled)
No settings defined.
CVAD-EU Beazley HSD Desktop Test-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley HSD Desktop Test-CP
Data collected on: 23/04/2025 10:47:41
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created04/05/2022 13:57:28
Modified31/08/2022 14:38:58
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions30 (AD), 30 (SYSVOL)
Unique ID{7B5B41B4-FD6C-4DC9-A233-EFFD4FBF3AA4}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Enable Automatic UpdatesDisabled
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Use the hardware default graphics adapter for all Remote Desktop Services sessionsEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for active but idle Remote Desktop Services sessionsEnabled
Idle session limit:30 minutes
PolicySettingComment
Set time limit for disconnected sessionsEnabled
End a disconnected session1 hour
Windows Components/Windows Update
PolicySettingComment
Configure Automatic UpdatesDisabled
Preferences
Windows Settings
Registry
Beazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameBeazley.Documents.Office2016.OutlookAddIn.BeazleyDocumentsFormRegion
Value typeREG_SZ
Value data=Beazley.Documents.Office2016.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DocVault.MetaStore.OutlookAddIn.UploadForm (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Office\Outlook\FormRegions\IPM.Note
Value nameDocVault.MetaStore.OutlookAddIn.UploadForm
Value typeREG_SZ
Value data=DocVault.MetaStore.OutlookAddIn
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
CVAD-EU Beazley Developer VDI Desktop-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley Developer VDI Desktop-CP
Data collected on: 23/04/2025 10:47:42
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created12/05/2022 00:08:20
Modified16/05/2022 18:10:46
User Revisions6 (AD), 6 (SYSVOL)
Computer Revisions30 (AD), 30 (SYSVOL)
Unique ID{121D28BE-736E-4077-97C3-5270CC0B508E}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\BFL Servers-LocalAdminsBUILTIN\Administrators
BFL\Rol.Sec_ServiceDesk_1stLineBUILTIN\Administrators
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Force a specific default lock screen imageEnabled
Path to lock screen image:C:\Program Files (x86)\Beazley\beazley_desktop_lockscreen_world_old.jpg
Example: Using a local path: C:\windows\web\screen\lockscreen.jpg
Example: Using a UNC path: \\Server\Share\Corp.jpg
Turn off fun facts, tips, tricks, and more on lock screenDisabled
Network/Offline Files
PolicySettingComment
Allow or Disallow use of the Offline Files featureDisabled
System/App-V/CEIP
PolicySettingComment
Microsoft Customer Experience Improvement Program (CEIP)Disabled
System/App-V/Publishing
PolicySettingComment
Publishing Server 1 SettingsEnabled
Publishing Server Display Name appvuk
Publishing Server URL http://appvuk.bfl.local:8081
Global Publishing Refresh True
Global Publishing Refresh On Logon False
Global Publishing Refresh Interval 1
Global Publishing Refresh Interval Unit Day
User Publishing Refresh True
User Publishing Refresh On Logon True
User Publishing Refresh Interval 0
User Publishing Refresh Interval Unit Hour
System/App-V/Reporting
PolicySettingComment
Reporting ServerEnabled
Reporting Server URL http://ukprap041.bfl.local:8082
Reporting Time 22
Delay reporting for the random minutes 60
Repeat reporting for every (days) 1
Data Cache Limit 20
Data Block Size 65536
System/App-V/Scripting
PolicySettingComment
Enable Package ScriptsEnabled
System/App-V/Streaming
PolicySettingComment
Shared Content Store (SCS) modeEnabled
Specify what to load in background (aka AutoLoad)Enabled
Autoload OptionsNone
Preferences
Windows Settings
Registry
UviProcessExcludes (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\CtxUvi
Value nameUviProcessExcludes
Value typeREG_SZ
Value dataLsaIso.exe;BioIso.exe;FsIso.exe;sppsvc.exe;vmsp.exe;AMAgent.exe;AMAgentAssist.;AMMessageAssis;Cca.exe;WatchdogAgent.;WatchdogAgent6;EMAgent.exe;EMAgentAssist.;EMNotify.exe;EmCoreService.;EmExit.exe;EmLoggedOnUser;EmSystem.exe;EmUser.exe;EmUserLogoff.e;EmVirtualizati;PmAgent.exe;PmAgentAssist.;EMWOW64.exe;cb.exe;msedge.exe
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Authkey (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Smart-X\ControlUp\Agent\Communication
Value nameAuthkey
Value typeREG_SZ
Value dataBgIAAACkAABSU0ExAAgAAAEAAQCtYyhvWtJcuNqXeFQ8RxhznxLsatLZN8FEQ+7r8GA2tv1R/ESoq7P+1nIRN/VqptCSqSBooGojGaijv/ZPXZtDL0ck1qvTv0h1qONvtT81IZr5z5TFlwzo9ptoRGYMhbpaes8CHywowzNsRJ+6yHq9PTUTsTAQnWfxaLv6xd4fMfmEvddfT+Z/OP0+VN7EfN/ymenF8vbaQN2RVdZ3agYqBsl/m24EChNxZXGD0EQ4apuvmSKfA4ANe6q2B8JwPBYr8WJyU45+veKJUWGk2P/Vy05P5cVfRCjanW2l1HAatNKFI5GT6NkKOH4IQGuKUBFZqfWEXzBZGpYpvFk2IbTV
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Services
Service (Name: Spooler)
Spooler (Order: 1)
General
Service nameSpooler
ActionStart service
Startup type:Automatic
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Service (Name: RemoteRegistry)
RemoteRegistry (Order: 2)
General
Service nameRemoteRegistry
ActionStart service
Startup type:Automatic
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Enabled)
Preferences
Windows Settings
Registry
SetDisplayRequiredMode (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Citrix\Graphics
Value nameSetDisplayRequiredMode
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CVAD-EU Beazley Developer VDI Desktop-UP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-EU Beazley Developer VDI Desktop-UP
Data collected on: 23/04/2025 10:47:42
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created12/05/2022 00:13:42
Modified19/05/2022 11:58:24
User Revisions28 (AD), 28 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{7F1DB72C-53E9-4EB1-BAA1-8F5673536B76}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Folder Redirection
Desktop
Setting: Basic (Redirect everyone's folder to the same location)
Path: %homeshare%\Desktop
Options
Grant user exclusive rights to DesktopDisabled
Move the contents of Desktop to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Documents
Setting: Basic (Redirect everyone's folder to the same location)
Path: %homeshare%\My Documents
Options
Grant user exclusive rights to DocumentsDisabled
Move the contents of Documents to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Downloads
Setting: Basic (Redirect everyone's folder to the same location)
Path: %homeshare%\Citrix\Downloads
Options
Grant user exclusive rights to DownloadsDisabled
Move the contents of Downloads to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Favorites
Setting: Not configured
Pictures
Setting: Basic (Redirect everyone's folder to the same location)
Path: %homeshare%\My Documents\My Pictures
Options
Grant user exclusive rights to PicturesDisabled
Move the contents of Pictures to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsDisabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Force specific screen saverEnabled
Screen saver executable namescrnsave.scr
PolicySettingComment
Password protect the screen saverEnabled
Prevent changing screen saverEnabled
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:900
Preferences
Windows Settings
Drive Maps
Drive Map (Drive: T)
T: (Order: 1)
General
ActionUpdate
Properties
LetterT
Location\\bfl.local\ukdata\temp
ReconnectDisabled
Use first availableDisabled
Hide/Show this driveNo change
Hide/Show all drivesNo change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Drive Map (Drive: I)
I: (Order: 2)
General
ActionUpdate
Properties
LetterI
Location\\bfl.local\UKData\BIC
ReconnectDisabled
Use first availableDisabled
Hide/Show this driveNo change
Hide/Show all drivesNo change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Drive Map (Drive: S)
S: (Order: 3)
General
ActionUpdate
Properties
LetterS
Location\\bfl.local\ukdata\ScanDrive
ReconnectDisabled
Use first availableDisabled
Hide/Show this driveNo change
Hide/Show all drivesNo change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Drive Map (Drive: W)
W: (Order: 4)
General
ActionUpdate
Properties
LetterW
Location\\bfl.local\UK\Groups\
ReconnectDisabled
Use first availableDisabled
Hide/Show this driveNo change
Hide/Show all drivesNo change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Drive Map (Drive: G)
G: (Order: 5)
General
ActionUpdate
Properties
LetterG
Location\\bfl.local\ukdata\Shared.Databases
ReconnectDisabled
Use first availableDisabled
Hide/Show this driveNo change
Hide/Show all drivesNo change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Registry
WallPaper (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Desktop
Value nameWallPaper
Value typeREG_SZ
Value dataC:\Program Files (x86)\Beazley\beazley_desktop_world_old.jpg
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
WallpaperStyle (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Desktop
Value nameWallpaperStyle
Value typeREG_SZ
Value data10
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CVAD-GL-Enable O365-64 Updates-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-Enable O365-64 Updates-CP
Data collected on: 23/04/2025 10:47:42
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created10/06/2022 19:47:46
Modified10/06/2022 19:54:34
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{08713447-5947-4455-AD7B-DDB169D5117D}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Enable Automatic UpdatesEnabled
Update ChannelEnabled
Channel Name:Semi-Annual Enterprise Channel
PolicySettingComment
Update PathEnabled
Location for updates:\\bfl.local\dfsroot\EUT\O365\CVAD\Setupx64SAC\
User Configuration (Disabled)
No settings defined.
[AGPM] Test GPO for Temp Local admin rights
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
[AGPM] Test GPO for Temp Local admin rights
Data collected on: 23/04/2025 10:47:42
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created26/10/2022 15:09:16
Modified26/10/2022 15:16:12
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{376D7D78-4D3A-4B7F-8C35-554F245BAB6B}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Control Panel Settings
Local Users and Groups
Group (Name: Administrators (Built-in))
Administrators (Built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameAdministrators (Built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
BFL\2008TempAccessReviewS-1-5-21-58594938-1633628789-801526373-116499
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-GL-CVE Remediation
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-CVE Remediation
Data collected on: 23/04/2025 10:47:43
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created02/11/2022 12:14:42
Modified02/11/2022 12:29:38
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{23F2D436-76C1-4836-89C5-62259D2BB98F}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
RMSNoEnabledbfl.local/Accounts Computer/Desktops/UK/RMS
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley DEV Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
US Beazley HSD Desktop LGCNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop LGC
US Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL
EU Beazley P-VDI Desktop DEV - W11 - TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11 - TPL
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
RMS DesktopsNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/RMS Desktops
EU Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley DEV Desktop PRD
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ITT
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64
SandboxNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Sandbox
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley DEV Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley DEV Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop ITTNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ITT
US Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Registry
EnableCertPaddingCheck (Order: 1)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Cryptography\Wintrust\Config
Value nameEnableCertPaddingCheck
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
EnableCertPaddingCheck (Order: 2)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Cryptography\Wintrust\Config
Value nameEnableCertPaddingCheck
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.
BFL CVE Remediation
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL CVE Remediation
Data collected on: 23/04/2025 10:47:43
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created02/11/2022 13:40:38
Modified28/12/2023 10:46:08
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions5 (AD), 5 (SYSVOL)
Unique ID{083AEBAD-3ECE-4E12-84AD-C57224D47EFD}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
bflNoEnabledbfl.local
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions
DevelopmentNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions/Development
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
DevelopmentNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions/Development
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions
DevelopmentNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions/Development
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
DevelopmentNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Development
Application ServersNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions/Test/Application Servers
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions
DevelopmentNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions/Development
ServersNoEnabledbfl.local/Accounts Computer/Servers
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Singapore/Servers & Exceptions
Domain ControllersNoEnabledbfl.local/Domain Controllers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Windows Settings
Registry
EnableCertPaddingCheck (Order: 1)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Cryptography\Wintrust\Config
Value nameEnableCertPaddingCheck
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyYes
EnableCertPaddingCheck (Order: 2)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Cryptography\Wintrust\Config
Value nameEnableCertPaddingCheck
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyYes
User Configuration (Disabled)
No settings defined.
CVAD-GL-AD LAPS TPL
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-AD LAPS TPL
Data collected on: 23/04/2025 10:47:43
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created13/01/2023 09:31:58
Modified13/01/2023 09:38:22
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{8604FF49-70C1-486E-9FE2-C24DD467B8B4}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL
EU Beazley P-VDI Desktop DEV - W11 - TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11 - TPL
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Rename administrator account"Letmein"
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
LAPS
PolicySettingComment
Do not allow password expiration time longer than required by policyEnabled
Enable local admin password managementEnabled
Password SettingsEnabled
Password ComplexityLarge letters + small letters + numbers + specials
Password Length12
Password Age (Days)90
User Configuration (Disabled)
No settings defined.
BFL Trusted Root Cert Auth Trend
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Trusted Root Cert Auth Trend
Data collected on: 23/04/2025 10:47:43
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created24/03/2023 10:07:52
Modified24/03/2023 10:27:14
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{1B95D417-38A4-4DF0-A0D0-1EB45357C56D}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Accounts ComputerNoEnabledbfl.local/Accounts Computer
Domain ControllersNoEnabledbfl.local/Domain Controllers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
DigiCert Assured ID Root CADigiCert Assured ID Root CA10/11/2031 00:00:00<All>
DigiCert High Assurance EV Root CADigiCert High Assurance EV Root CA10/11/2031 00:00:00<All>
DigiCert Trusted Root G4DigiCert Trusted Root G415/01/2038 12:00:00<All>
Microsoft Identity Verification Root Certificate Authority 2020Microsoft Identity Verification Root Certificate Authority 202016/04/2045 19:44:40Code Signing, Time Stamping
Microsoft Root Certificate Authority 2010Microsoft Root Certificate Authority 201023/06/2035 23:04:01<All>
Microsoft Root Certificate Authority 2011Microsoft Root Certificate Authority 201122/03/2036 22:13:04<All>
USERTrust RSA Certification AuthorityUSERTrust RSA Certification Authority18/01/2038 23:59:59<All>

For additional information about individual settings, launch the Local Group Policy Object Editor.
User Configuration (Enabled)
No settings defined.
Disable_TLS_1.0_1.1
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Disable_TLS_1.0_1.1
Data collected on: 23/04/2025 10:47:43
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created11/10/2023 14:54:52
Modified11/10/2023 14:55:14
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions0 (AD), 0 (SYSVOL)
Unique ID{5AC30908-1309-410E-B784-5DCD41A9C925}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
No settings defined.
Fix Unquoted Path - Windows
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Fix Unquoted Path - Windows
Data collected on: 23/04/2025 10:47:43
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created01/12/2023 13:34:48
Modified01/12/2023 16:42:14
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions19 (AD), 19 (SYSVOL)
Unique ID{1C0301AF-1C81-4B79-B64E-8B5B0F98962E}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Farmington/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions
ServersNoEnabledbfl.local/Accounts Computer/Servers
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Singapore/Servers & Exceptions

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Not configured
NameParameters
FixUnquotedPaths.ps1
User Configuration (Enabled)
No settings defined.
Uninstall Windows Defender
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Uninstall Windows Defender
Data collected on: 23/04/2025 10:47:43
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created12/01/2024 09:49:20
Modified19/01/2024 19:13:06
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions32 (AD), 32 (SYSVOL)
Unique ID{D0B250CE-7A88-4DD9-96A8-3BF06ED28C16}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions
TestNoEnabledbfl.local/Accounts Computer/Hawthorne/Servers & Exceptions/Test
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Ireland/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/London/Servers & Exceptions
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Marlborough/Servers & Exceptions
ServersNoEnabledbfl.local/Accounts Computer/Servers
Servers & ExceptionsNoEnabledbfl.local/Accounts Computer/Singapore/Servers & Exceptions

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Preferences
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: Uninstall Windows Defender)
Uninstall Windows Defender (Order: 1)
General
ActionReplace
Task
Name Uninstall Windows Defender
Author BFL\a1_AT
Description
Run only when user is logged on S4U
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.2
Enabled Yes
Triggers
1. Weekly
Activate 12/01/2024 23:00:00Synchronize across time zones No
Enabled Yes
Recur every 1 weeks on Friday
Actions
1. Start a program
Program/script powershell.exe
Arguments Uninstall-WindowsFeature -Name Windows-Defender
Settings
Stop if the computer ceases to be idle Yes
Restart if the idle state resumes No
Start the task only if the computer is on AC power Yes
Stop if the computer switches to battery power Yes
Wake the computer to run this task No
Allow task to be run on demand Yes
Run task as soon as possible after a scheduled start is missed No
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop Yes
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVAD-LON FSLogix Revised-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-LON FSLogix Revised-CP
Data collected on: 23/04/2025 10:47:44
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created06/02/2024 14:46:56
Modified24/01/2025 14:38:32
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions39 (AD), 39 (SYSVOL)
Unique ID{90C935EE-E44C-4914-9AB5-4BF91777BD28}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\sec.citrix.fslogix.odfc.enabledFSLogix ODFC Include List
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix
PolicySettingComment
Enable search roamingDisabled
FSLogix/Office 365 Containers
PolicySettingComment
Dynamic VHD(X) allocationEnabled
Dynamic VHD(X) allocationEnabled
PolicySettingComment
EnabledEnabled
EnabledEnabled
PolicySettingComment
Include Office activation data in containerDisabled
Include Office cache data in containerEnabled
Include Office cache data in containerEnabled
PolicySettingComment
Include OneDrive data in containerDisabled
Include OneNote data in containerDisabled
Include OneNote UWP notebook data in containerDisabled
Include Outlook data in containerEnabled
Include Outlook data in containerEnabled
PolicySettingComment
Include Outlook personalization data in containerDisabled
Include Sharepoint data in containerEnabled
Include Sharepoint data in containerEnabled
PolicySettingComment
Include Skype data in containerDisabled
Include Teams data in containerDisabled
Number of per-Session VHDs to persistEnabled
Number of per-Session VHDs to persist1
PolicySettingComment
Set Outlook cached mode on successful container attachEnabled
Set Outlook cached mode on successful container attachEnabled
PolicySettingComment
Store search database in Office 365 containerDisabled
VHD access typeEnabled
Unique disk per session
PolicySettingComment
Virtual disk typeEnabled
VHDX
FSLogix/Office 365 Containers/Advanced
PolicySettingComment
Prevent login with failureEnabled
Prevent login with failureEnabled
PolicySettingComment
Prevent login with temporary profileEnabled
Prevent login with temporary profileEnabled
PolicySettingComment
Remove Orphaned OST Files On LogoffEnabled
Remove Orphaned OST Files On LogoffEnabled
FSLogix/Office 365 Containers/Cloud Cache
PolicySettingComment
Clear local cache on logoffEnabled
Clear local cache on logoffEnabled
PolicySettingComment
Cloud Cache LocationsEnabled
Cloud Cache Locationstype=smb,connectionString=\\bfl.local\eu-lon-fslogix\Office-Containers;type=smb,connectionString=\\bfl.local\eu-dub-fslogix\Office-Containers
FSLogix/Office 365 Containers/Container and Directory Naming
PolicySettingComment
Swap directory name componentsEnabled
Swap directory name componentsEnabled
User Configuration (Enabled)
No settings defined.
CVAD DUB-FSLogix Revised-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD DUB-FSLogix Revised-CP
Data collected on: 23/04/2025 10:47:44
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/02/2024 16:08:08
Modified24/01/2025 14:33:38
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions36 (AD), 36 (SYSVOL)
Unique ID{11097811-F387-4E7B-95B6-D3684E5B0037}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
EU Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop TPL
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley HSD Desktop TPLNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop TPL
EU Beazley HSD Desktop x64NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop x64

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\sec.citrix.fslogix.odfc.enabledFSLogix ODFC Include List
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix
PolicySettingComment
Enable search roamingDisabled
FSLogix/Office 365 Containers
PolicySettingComment
Dynamic VHD(X) allocationEnabled
Dynamic VHD(X) allocationEnabled
PolicySettingComment
EnabledEnabled
EnabledEnabled
PolicySettingComment
Include Office activation data in containerDisabled
Include Office cache data in containerEnabled
Include Office cache data in containerEnabled
PolicySettingComment
Include OneDrive data in containerDisabled
Include OneNote data in containerDisabled
Include OneNote UWP notebook data in containerDisabled
Include Outlook data in containerEnabled
Include Outlook data in containerEnabled
PolicySettingComment
Include Outlook personalization data in containerDisabled
Include Sharepoint data in containerEnabled
Include Sharepoint data in containerEnabled
PolicySettingComment
Include Skype data in containerDisabled
Include Teams data in containerDisabled
Number of per-Session VHDs to persistEnabled
Number of per-Session VHDs to persist1
PolicySettingComment
Set Outlook cached mode on successful container attachEnabled
Set Outlook cached mode on successful container attachEnabled
PolicySettingComment
Store search database in Office 365 containerDisabled
VHD access typeEnabled
Unique disk per session
PolicySettingComment
Virtual disk typeEnabled
VHDX
FSLogix/Office 365 Containers/Advanced
PolicySettingComment
Prevent login with failureEnabled
Prevent login with failureEnabled
PolicySettingComment
Prevent login with temporary profileEnabled
Prevent login with temporary profileEnabled
PolicySettingComment
Remove Orphaned OST Files On LogoffEnabled
Remove Orphaned OST Files On LogoffEnabled
FSLogix/Office 365 Containers/Cloud Cache
PolicySettingComment
Clear local cache on logoffEnabled
Clear local cache on logoffEnabled
PolicySettingComment
Cloud Cache LocationsEnabled
Cloud Cache Locationstype=smb,connectionString=\\bfl.local\eu-dub-fslogix\Office-Containers;type=smb,connectionString=\\bfl.local\eu-lon-fslogix\Office-Containers
FSLogix/Office 365 Containers/Container and Directory Naming
PolicySettingComment
Swap directory name componentsEnabled
Swap directory name componentsEnabled
User Configuration (Enabled)
No settings defined.
CVAD-GBL-EM Config Export
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GBL-EM Config Export
Data collected on: 23/04/2025 10:47:44
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created21/03/2024 11:17:56
Modified21/03/2024 12:23:48
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{1535A2B1-0B13-4F79-8F9B-F44DAAEF934C}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Password protect the screen saverEnabled
Prevent changing screen saverEnabled
BFL Symbolic Link enablement
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BFL Symbolic Link enablement
Data collected on: 23/04/2025 10:47:44
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created07/08/2024 19:40:58
Modified26/02/2025 19:38:48
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{E9134085-DAC2-41AD-AF49-E4399C7DA247}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Accounts ComputerYesEnabledbfl.local/Accounts Computer
CVADNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD
CVADNoEnabledbfl.local/Accounts Computer/Ireland/CVAD
CVADNoEnabledbfl.local/Accounts Computer/London/CVAD
CVADNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD
ITYesEnabledbfl.local/Accounts User/Farmington/IT

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Filesystem
PolicySettingComment
Selectively allow the evaluation of a symbolic linkEnabled
Local Link to Local TargetEnabled
Local Link to a Remote TargetEnabled
Remote Link to Remote TargetEnabled
Remote Link to Local TargetDisabled
User Configuration (Enabled)
No settings defined.
CVAD-GL-Security
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-Security
Data collected on: 23/04/2025 10:47:44
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created02/10/2024 17:17:50
Modified20/03/2025 14:39:06
User Revisions8 (AD), 8 (SYSVOL)
Computer Revisions10 (AD), 10 (SYSVOL)
Unique ID{2BEED77C-E816-4A28-85B4-778111B5FEF9}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
Desktop VDANoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Build/Desktop VDA
EU Beazley P-VDI Desktop DEV - W11NoDisabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
EU Beazley VDI Desktop ENG - W11NoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG - W11
EU Beazley P-VDI Desktop DEV - W11NoDisabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley P-VDI Desktop DEV - W11
EU Beazley VDI Desktop DEV - W11NoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop DEV - W11
Desktop VDANoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Build/Desktop VDA

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
System Services
edgeupdate (Startup Mode: Disabled)
Permissions
TypeNamePermission
AllowNT AUTHORITY\SYSTEMFull Control
AllowBUILTIN\AdministratorsRead, Delete
AllowBUILTIN\AdministratorsChange template, Stop, Change permissions, Take ownership
AllowNT AUTHORITY\INTERACTIVERead
Auditing
TypeNameAccess
FailureEveryoneFull Control
edgeupdatem (Startup Mode: Disabled)
Permissions
TypeNamePermission
AllowNT AUTHORITY\SYSTEMFull Control
AllowBUILTIN\AdministratorsRead, Delete
AllowBUILTIN\AdministratorsChange template, Stop, Change permissions, Take ownership
AllowNT AUTHORITY\INTERACTIVERead
Auditing
TypeNameAccess
FailureEveryoneFull Control
MicrosoftEdgeElevationService (Startup Mode: Disabled)
Permissions
TypeNamePermission
AllowNT AUTHORITY\SYSTEMFull Control
AllowBUILTIN\AdministratorsRead, Delete
AllowBUILTIN\AdministratorsChange template, Stop, Change permissions, Take ownership
AllowNT AUTHORITY\INTERACTIVERead
Auditing
TypeNameAccess
FailureEveryoneFull Control
Windows Update (Startup Mode: Disabled)
Permissions
TypeNamePermission
AllowNT AUTHORITY\SYSTEMFull Control
AllowBUILTIN\AdministratorsRead, Delete
AllowBUILTIN\AdministratorsChange template, Start, Change permissions, Take ownership
AllowNT AUTHORITY\INTERACTIVERead
Auditing
TypeNameAccess
FailureEveryoneFull Control
Preferences
Control Panel Settings
Local Users and Groups
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
BFL\BFL Servers-LocalAdmins
BFL\Rol.Sec_ServiceDesk_1stLineS-1-5-21-58594938-1633628789-801526373-87602
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.
CVSD-GL-Disable O365 Updates-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVSD-GL-Disable O365 Updates-CP
Data collected on: 23/04/2025 10:47:44
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created03/12/2024 08:30:36
Modified06/12/2024 10:16:58
User Revisions4 (AD), 4 (SYSVOL)
Computer Revisions18 (AD), 18 (SYSVOL)
Unique ID{13150E1A-A0FB-4CC8-86AA-6847EB5D73FC}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Don’t install a background service for Microsoft Search in BingEnabled
Don’t install Microsoft Teams with new installations or updates of OfficeEnabled
Enable Automatic UpdatesDisabled
Hide option to enable or disable updatesEnabled
Hide Update NotificationsEnabled
Update ChannelDisabled
Update PathDisabled
User Configuration (Disabled)
No settings defined.
CVAD-GL-Disable O365 Updates-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-GL-Disable O365 Updates-CP
Data collected on: 23/04/2025 10:47:45
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created06/12/2024 09:34:50
Modified06/12/2024 09:44:20
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions4 (AD), 4 (SYSVOL)
Unique ID{9F84813E-8BF0-49D9-919F-F545FE4296EF}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
EU Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop ENG
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Ireland/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
EU Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop ENG
EU Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PIO
EU Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Desktop OS/EU Beazley VDI Desktop PRD
EU Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PIO
EU Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/London/CVAD/Cloud VDA/Server OS/EU Beazley HSD Desktop PRD
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Office 2016 (Machine)/Updates
PolicySettingComment
Don’t install Microsoft Teams with new installations or updates of OfficeEnabled
Enable Automatic UpdatesDisabled
Hide option to enable or disable updatesEnabled
Hide Update NotificationsEnabled
User Configuration (Disabled)
No settings defined.
CVAD-MAR FSLogix Revised-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-MAR FSLogix Revised-CP
Data collected on: 23/04/2025 10:47:45
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created19/12/2024 10:14:36
Modified16/04/2025 14:36:00
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions30 (AD), 30 (SYSVOL)
Unique ID{F4EAF014-D1A7-406E-9218-F5CB2391F0A9}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
US Beazley HSD Desktop TPLNoDisabledbfl.local/Accounts Computer/Marlborough/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\sec.citrix.fslogix.odfc.enabledFSLogix ODFC Include List
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix
PolicySettingComment
Enable search roamingDisabled
FSLogix/Office 365 Containers
PolicySettingComment
Dynamic VHD(X) allocationEnabled
Dynamic VHD(X) allocationEnabled
PolicySettingComment
EnabledEnabled
EnabledEnabled
PolicySettingComment
Include Office activation data in containerDisabled
Include Office cache data in containerEnabled
Include Office cache data in containerEnabled
PolicySettingComment
Include OneDrive data in containerDisabled
Include OneNote data in containerDisabled
Include OneNote UWP notebook data in containerDisabled
Include Outlook data in containerEnabled
Include Outlook data in containerEnabled
PolicySettingComment
Include Outlook personalization data in containerDisabled
Include Sharepoint data in containerEnabled
Include Sharepoint data in containerEnabled
PolicySettingComment
Include Skype data in containerDisabled
Include Teams data in containerDisabled
Number of per-Session VHDs to persistEnabled
Number of per-Session VHDs to persist1
PolicySettingComment
Set Outlook cached mode on successful container attachEnabled
Set Outlook cached mode on successful container attachEnabled
PolicySettingComment
Store search database in Office 365 containerDisabled
VHD access typeEnabled
Unique disk per session
PolicySettingComment
Virtual disk typeEnabled
VHDX
FSLogix/Office 365 Containers/Advanced
PolicySettingComment
Prevent login with failureEnabled
Prevent login with failureEnabled
PolicySettingComment
Prevent login with temporary profileEnabled
Prevent login with temporary profileEnabled
PolicySettingComment
Remove Orphaned OST Files On LogoffEnabled
Remove Orphaned OST Files On LogoffEnabled
FSLogix/Office 365 Containers/Cloud Cache
PolicySettingComment
Clear local cache on logoffEnabled
Clear local cache on logoffEnabled
PolicySettingComment
Cloud Cache LocationsEnabled
Cloud Cache Locationstype=smb,connectionString=\\bfl.local\us-mar-fslogix\Office-Containers;type=smb,connectionString=\\bfl.local\us-haw-fslogix\Office-Containers
FSLogix/Office 365 Containers/Container and Directory Naming
PolicySettingComment
Swap directory name componentsEnabled
Swap directory name componentsEnabled
User Configuration (Enabled)
No settings defined.
CVAD-HAW FSLogix Revised-CP
Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CVAD-HAW FSLogix Revised-CP
Data collected on: 23/04/2025 10:47:45
General
Details
Domainbfl.local
OwnerBFL\srv.AGPM.Prod
Created19/12/2024 10:14:50
Modified16/04/2025 14:33:08
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions30 (AD), 30 (SYSVOL)
Unique ID{35C0618B-3EF2-496B-8A95-583B3CA254E3}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
US Beazley VDI Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop ENG
US Beazley VDI Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PIO
US Beazley VDI Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop PRD
US Beazley VDI Desktop TPLNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Desktop OS/US Beazley VDI Desktop TPL
US Beazley HSD Desktop ENGNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop ENG
US Beazley HSD Desktop PIONoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PIO
US Beazley HSD Desktop PRDNoEnabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop PRD
US Beazley HSD Desktop TPLNoDisabledbfl.local/Accounts Computer/Hawthorne/CVAD/Cloud VDA/Server OS/US Beazley HSD Desktop TPL

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
BFL\Domain AdminsReadNo
BFL\Enterprise AdminsReadNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Restricted Groups
GroupMembersMember of
BFL\sec.citrix.fslogix.odfc.enabledFSLogix ODFC Include List
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix
PolicySettingComment
Enable search roamingDisabled
FSLogix/Office 365 Containers
PolicySettingComment
Dynamic VHD(X) allocationEnabled
Dynamic VHD(X) allocationEnabled
PolicySettingComment
EnabledEnabled
EnabledEnabled
PolicySettingComment
Include Office activation data in containerDisabled
Include Office cache data in containerEnabled
Include Office cache data in containerEnabled
PolicySettingComment
Include OneDrive data in containerDisabled
Include OneNote data in containerDisabled
Include OneNote UWP notebook data in containerDisabled
Include Outlook data in containerEnabled
Include Outlook data in containerEnabled
PolicySettingComment
Include Outlook personalization data in containerDisabled
Include Sharepoint data in containerEnabled
Include Sharepoint data in containerEnabled
PolicySettingComment
Include Skype data in containerDisabled
Include Teams data in containerDisabled
Number of per-Session VHDs to persistEnabled
Number of per-Session VHDs to persist1
PolicySettingComment
Set Outlook cached mode on successful container attachEnabled
Set Outlook cached mode on successful container attachEnabled
PolicySettingComment
Store search database in Office 365 containerDisabled
VHD access typeEnabled
Unique disk per session
PolicySettingComment
Virtual disk typeEnabled
VHDX
FSLogix/Office 365 Containers/Advanced
PolicySettingComment
Prevent login with failureEnabled
Prevent login with failureEnabled
PolicySettingComment
Prevent login with temporary profileEnabled
Prevent login with temporary profileEnabled
PolicySettingComment
Remove Orphaned OST Files On LogoffEnabled
Remove Orphaned OST Files On LogoffEnabled
FSLogix/Office 365 Containers/Cloud Cache
PolicySettingComment
Clear local cache on logoffEnabled
Clear local cache on logoffEnabled
PolicySettingComment
Cloud Cache LocationsEnabled
Cloud Cache Locationstype=smb,connectionString=\\bfl.local\us-haw-fslogix\Office-Containers;type=smb,connectionString=\\bfl.local\us-mar-fslogix\Office-Containers
FSLogix/Office 365 Containers/Container and Directory Naming
PolicySettingComment
Swap directory name componentsEnabled
Swap directory name componentsEnabled
User Configuration (Enabled)
No settings defined.